Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Resolved! Automatic retrive alert data on VDI XDR

Hello,
In my company, we have many non-persistent VDIs, and sometimes an alert arises and I couldn't perform the 'Retrieve alert data' because when i see alert the user has already logged out of the VDI.

My question is, is it possible in the Cortex X

...

tlmarques by L4 Transporter
  • 904 Views
  • 1 replies
  • 0 Likes

Where to publish EDL

Hi,

I was planning to use Cortex XDR as my EDL publisher but since it doesn't support networks, only single IP addresses, it is useless for me. I don't want to publish it on our IIS servers so I'm looking for good alternative. Can anybody suggest som

...

Resolved! Suspicious Executable Detected

We have had a number of users endpoints alert with the following:

Subsequent scans of endpoints found nothing and there are not associated incidents within the portal.

As can be seen, there is no identified application name or publisher. Is there an

...

DerekC_2-1711366036813.png
DerekC by L0 Member
  • 1262 Views
  • 1 replies
  • 0 Likes

create a tag in fireall

"Hi,

We have multiple VM brokers, each connected to the same model of firewall. However, in a recent incident, it was difficult to identify the source of the incident from which the firewall it originated. We're exploring two potential solutions:

1.

...

Can global uninstall password expire?

We noticed that the global uninstall password set last year at the end of May no loger works, in the Management Audit Logs there are no other events "Agent global uninstall password updated".

 

Can it expire? or be changed without generating an even

...

Danmar by L0 Member
  • 757 Views
  • 3 replies
  • 0 Likes
  • 2065 Posts
  • 81 Subscriptions
Top Solution Authors
Top Liked Authors