Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Resolved! .csv format change

Hi,

I've just noticed this recently. A while ago when I added .csv file to a report, it was formatted with coma between columns. Now it is using a tab what cusses export to Excel more difficult. Is any setting which can be use to change it back? 

Resolved! Why Task Manager - Prompt the Alerts: Behavioral Threat

Dear All,

 

Do you know why the content updated, cannot open the task manager?

Cortex XDR 

            "ruleId": "bioc.masqueraded_process_msft",
            "fileIdx": 0,
            "modules": [],
            "profile": "Malware",
            "sockets"

...

Cortex XDR 3.10 and endpoint slowness

3.10 activated in our tenant yesterday and along with that, our endpoints started upgrading to 8.3 (we are one release behind the latest).

This morning we were deluged with calls about unresponsive endpoints.

 

We stopped the automatic endpoint upgra

...

PCTomS_0-1715034999034.png
PC-TomS by L3 Networker
  • 1176 Views
  • 2 replies
  • 0 Likes

Whitelist our backup software

Hello,
I do represent a company called Arx One. We have been publishing a backup software suite (backup agent, agent management console) for more than 15 years now and those software are installed on our customers' workstations, servers or NAS (Window

...

Failed to load license data

Since our recent renewal, which is reflected in Assets in the support portal, attempting to Cortex XDR results in an error message of "Failed to load license data or license is expired."

 

Background: We recently renewed our Cortex XDR Pro license. W

...

Reflexion_0-1714678543536.png

Resolved! Not able to see Asset in Cortex portal.

Not able to see Asset in Cortex portal. Cortex XDR agent is installed on Asset.
Asset is a Ubuntu 28.04 VM on GCP, having access to internet.

 

root@dev-vcs-martin1:/var/log/traps# dpkg -l | grep cortex-agent
ii cortex-agent 7.9.0.82606 amd64 Palo Alto

...

XDR USB Activities

Hello, 

I have a few questions and I would be happy If you answer them. 

 

Questions:

 

  1. In device control tab of Cortex XDR, I  can easily turn DIsk Drives to read mode. It is okey and working when I am doing this. I cannot delete any file, write or
...

XQL quey help

Hello everyone, 

I would like to replicate some queries in Cortex using XQL, but I have many doubts with this language and I am arguing with it 

Example:

T1140 Deobfuscate/Decode Files or Information 

DeviceProcessEvents | where ProcessVersionInfoProdu...

agirones by L1 Bithead
  • 563 Views
  • 1 replies
  • 0 Likes
  • 2052 Posts
  • 81 Subscriptions
Top Solution Authors