How Cortex XDR alert/incident severity is decided or generated on tool
Hello all,
Please help me to understand how Cortex XDR assign the severity to incident and alert.
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
Hello all,
Please help me to understand how Cortex XDR assign the severity to incident and alert.
Hi everyone,
If an event is triggered in a computer without connection, nothing is sent to the console when the computer recovers the connection.
My concern is how I will be alerted if something happens when a computer have no network.
I realiz
...
Hi
Does anyone know if Cortex XDR detect and/or protect against this type of attack:
Windows 10 must not have portproxy enabled or in use (syxsense.com)
How can we integrate Unit 42 Palo Alto with SIEM particularly Microsoft Sentinel?
Regards,
Shashank
Hi,
I'm trying to use a Python script in Cortex XDR to execute a certificate installation on Windows machines.
The main goal is to import a certificate.p12 with a password to be installed in all the Windows. However, the script is not behaviour as expe
Hello dear community members!
which setting do you prefere? Were there any showstopper with aggressive mode? Which one?
BR
Rob
Hello dear community,
we would like to ingest logs for more visibility.
Actually we have Cortex XDR Pro.
How does the upgrade path look like to get the ability to ingest FW and Windows Event logs?
How much more we need to pay and how does the l
...
Hello dear comminity,
is there any log to see, filter or get notified, if the agent makes changes in the configuration?
BR
Rob
Hello community,
Do you know if Cortex XDR has the capability to capture full URL visits please? Can you please share any documentations saying so if yes.
Thanks.
Hello everyone,
I would like to know if any of you have struggled with support and technical cases with the need I show below.
I would like to know what you can tell me or give me your opinion about taking action against powershell cmdlets.
After sev
...
Helllo everybody,
I have a Cortex XDR Pro per GB and I've acquired a "Forensics" free trial license, which expired yesterday. I need to access the results of the forensics, would i be able to do it? or do i need to renew my license?
Awaiting any
...
All versions of GitButler are falsely flagged by Cortex XDR.
The corresponding GitHub issue can be found here: https://github.com/gitbutlerapp/gitbutler/issues/3518
The hash is related to version 0.11.1
Component: WildFire
Cortex XDR code: C040005
am 04-08-2024 11:02 AM
Hello, I don't know if I'm in the right place...
I would like to integrate our Cortex XDR dashboard into Grafana. I know this is possible via an API, but which connec
Hi everyone,
Just wondering how's the performance or resource is impacted when this protection is on, i bet it would have certain impact as this is "Disabled" by default. or any other concerns if ON?
Any experience to share?
thanks
Is it possible to create an automation script or rule to add a remote IP address to an EDL in Cortex XDR? I'm exploring the best way to handle this. For example, after the recent CVE-2024-3400 disclosure, I patched my firewalls, and all is good. H
...Subject | Likes |
---|---|
3 Likes | |
2 Likes | |
2 Likes | |
1 Like | |
1 Like |