Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
Hi, I have a rather peculiar issue(?) with one of my agents.
Said agent is working as intended, however it blocked a certain file form running under "Local Malware Analysis". which is fine, but I did not receive any alert nor incident in the manageme
...
I am not able to see all cortex XDR analytic alert on Console that is mentioned in the document . why ?
Hello Cortex users, wondering if anyone has seen this before? We are getting a single host flagged with a large amount of "Behavioral threat detected (rule: create_renamed_script_engine_by_hash)" but when we investigate in Cortex XDR there is almost
...
Hi,
I created new Prevention Policy Rule and can only select 100 endpoints. When I try to select more, I get the Note:
Anyone have tips on figuring out how to allow exceptions to successfully communication over the internet while an endpoint is in isolation? I would like Microsoft Intune to be able to continue to reach the device while the device is in isolation for
...
Dear PA,
Trying to install Cortex XDR v.7.7.0.X on a Windows 2022 Core and receive "Setup Wizard Ended Prematurely".
Any feed back from your side about this?
Best,
C.
We know that Cortex has the ability to use AMSI but is any one able to achieve a BIOC rule which can trigger an alert for the content inside the script.
Lets say if a Powershell script which is being run has certain parameters in the body such as "re
...
Hello,
We are solving a case of an IIS6.1 vulnerability on an old Windows 2008 R2 SP1 system. Microsoft no longer has support for Windows update. The customer cannot migrate to the newer system yet.
Would Cortex XDR be able to secure IIS v6.1 web serv
Hi All,
I tried to find this on PA Knowledge base but unsuccessful. Our team tries not to make exceptions/whitelisting unless absolutely needed. Therefore, I believe teaching Cortex XDR correctly on what is safe and what is not is crucial.
For examp
...
Recently i have noticed that there is another folder which has been created under PA Cortex folder as below:
"C:\Program Files\Palo Alto Networks\Cortex XDR Health Helper"
Inside the Folder there is PE which is xdrhealth.exe, what is the purpose of t
...
Can we check via cortex XDR which are systems have any specific software installed
Hi all,
Is there any way to add comments to existing device exceptions? I haven’t found the option to do so.
Hello,
I am looking to enable the "Java Deserialization Protection" in my exploit profile.
I see the default is to leave it disabled.
anyone else have this enabled?
any advise or experience working with this?
I'm getting multiple alerts about the file "TwitchClient.exe" which is under below path
C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10043.0_x64__0a9344xs7nr4m\radeonsoftware\twitch\TwitchClient.exe
Is this file is a
...
Hi All
I'm new to Cortex XDR Hub and i'm trying to manage somes clients in the right way.
I got this situation:
There are some clients who had used IoBit - DriverBooster for the drivers installation on the machine.
A lot of services about this applicat
| User | Count |
|---|---|
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 |
| Subject | Likes |
|---|---|
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
| User | Likes Count |
|---|---|
| 9 | |
| 5 | |
| 5 | |
| 3 | |
| 2 |
