Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Resolved! Legacy Exceptions removal

We're looking through the Legacy Exceptions and some are no longer needed.  To do this, do we need to activate them and then remove these exceptions? 

Also could I please confirm that these exceptions already exist in the system and by clicking acti

...

JasonHoMFT_0-1693966729791.png

Resolved! Manually update content version?

Is there a way to manually update the content version? I downloaded the agent install plus latest content version and I can't figure out what to do with the content version files or find a way to push the latest content version. This particular machi

...

enewman by L1 Bithead
  • 4847 Views
  • 5 replies
  • 0 Likes

Resolved! Cortex XSIAM + XDR

Hello dear community, 

 

who of you is using XSIAM? How is it?

Will XDR + XSIAM ever get together in one product? 

 

BR 

 

Rob

RFeyertag by L4 Transporter
  • 1286 Views
  • 3 replies
  • 0 Likes

Resolved! XQL filter o365 attachments

Hi,
 
I am trying to filter o365 attachments without success, could you help pls
 
sample
[ { "@odata.type": "#microsoft.graph.fileAttachment", "@odata.mediaContentType": "image/jpeg", "id": "AAMkADEzYjJhMzM1LTY0ODctNGUxOS05ZDc5LTQ2MW
...

Cortex XDR with VDI persitent Desktop

Hello,

 

We use the Vmware Horizon VDI solution in Instant Clone with FSLogix profiles and a dedicated machine based on a Golden Image (Automated, Instant Clone, Dedicated).

 

A user therefore always connects to the same machine, which is updated fro

...

Help with t XQL BIOC/Correlation rule

Hi ALL,

New to XDR world,  

I am have a XQL query against a 2FA log which looks for user login (fail or success) from 2 different countries in 3 hours. 

Query looks like  

dataset in (XXX_raw)
| filter eventType = "User.Login" // look for  login events
|

...

XQL Query to view the "Incident Name"

Hi People, 

 

I was wondering if anyone could assist me with XQL Query to display the Incident name. Please refer to the attached photo to get an idea of what I am trying to achieve. I have used the xdr_data dataset, however i cannot find the relevan

...

  • 1755 Posts
  • 79 Subscriptions
Top Solution Authors