Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience.
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
Dear,
I want to block an application, I configured it to block by the process, but when changing the name of the executable it also changes the name of the service as shown in the images. Would I be able to block it by the name that appears in the
...
Hello dear community,
we all now the future of SOC is Cortex XSIAM.
What will happen to Cortex XDR in the future? I didn't see any planned new KI implementations into XDR.
If you have more informations, please let me know.
BR
Rob
Hi All,
I am looking for a XQL query to extract the number of machines that have WSL components installed? Does anyone had a similar requirements in the past.
hello all experts,
I have encountered a long scanning time, i launched a malware scan from console to isolated endpoint, the job was created at 15:30 and finished by 05:30 by next day.
Guessing when the job was created, either the agent was dis
...
Hi
I wanted to understand how do BIOC rules contribute towards an incidence, I have seen ABIOC contributing towards an incident
Hello!
I got into a trouble with linux oracle and redhat, the trap agent was installed successfully, the agent is activate, broker_vm defined as proxy and it connected, in the console the endpoints were visible (even in the endpoint description also
Hi all
Is there a way to change the internal network subnet through other means other than the webui?
The default 172.17.0.1/16 collides with the network this broker vm is on. We are having trouble accessing the webui but somehow we can ssh in. Wante
...
Hi
We are getting high number of false positives which are from source - XDR Analytics how do i suppress them?
This Incident count is affecting SLAs
Hi
I wanted to understand, if i want to see certain cmdline activities from "x" Process.
Want to know what will be more efficient putting the "x" process in "Causality_actor_process_image_name"
or in "actor_process_image" while creating a BIOC
Has anyone worked with PP TAP integration and creating any useful XQL queries to help identify potential malicious mail that a user interacts with? As example:
Email was not determined "bad" initially but after some sandbox from PP, it is later class
Where can I find agent agent upgrade rollback plan for failed upgrades in cortex XDR?
Hello guys!
I was thinking about what happens to Cortex XDR agent showing connection status as Connection Lost . I know XDR agent who failed to communicate to Management console for past 30 days would go to connection lost.
My doubt is if XDR age
...
Hi All,
Can someone please share the query to detect if any file or folder is being hidden?
Regards,
Shahwaz
Hi,
I am creating a playbook with the objective of integrating Cortex XSOAR and Cortex XDR .
The idea is for Cortex XSOAR to query Cortex XDR , retrieve all the assets detected by the broker scanner, and verify which assets do or do not have the
...
Hello, Is there any possibility that the customer may utilize Cortex XDR agent in two domains, taking into account that first one has tenant id, the other doesn't?
Thank you in advance.
| Subject | Likes |
|---|---|
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
