Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Where to publish EDL

Hi,

I was planning to use Cortex XDR as my EDL publisher but since it doesn't support networks, only single IP addresses, it is useless for me. I don't want to publish it on our IIS servers so I'm looking for good alternative. Can anybody suggest som

...

Resolved! Suspicious Executable Detected

We have had a number of users endpoints alert with the following:

Subsequent scans of endpoints found nothing and there are not associated incidents within the portal.

As can be seen, there is no identified application name or publisher. Is there an

...

DerekC_2-1711366036813.png
DerekC by L0 Member
  • 1286 Views
  • 1 replies
  • 0 Likes

create a tag in fireall

"Hi,

We have multiple VM brokers, each connected to the same model of firewall. However, in a recent incident, it was difficult to identify the source of the incident from which the firewall it originated. We're exploring two potential solutions:

1.

...

Can global uninstall password expire?

We noticed that the global uninstall password set last year at the end of May no loger works, in the Management Audit Logs there are no other events "Agent global uninstall password updated".

 

Can it expire? or be changed without generating an even

...

Danmar by L0 Member
  • 763 Views
  • 3 replies
  • 0 Likes

Regex Not Functioning Properly in XQL

Hello everyone, I'm attempting to extract fields from DHCP logs but encounter an error stating, "Your query failed to run as it's invalid." my regex code works correctly on regex101 and CyberChef. Does anyone have any insights on how to troubleshoot

...

  • 2078 Posts
  • 82 Subscriptions
Top Solution Authors
Top Liked Authors