Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Query to Monitor Computer Uptime

 

Hello,

 

I intend to formulate a new query to retrieve the computer's uptime, and if the system has been active for more than 30 days, generate an alert. Although I attempted the following XQL Search, the outcome yielded no results:

 

config case_s...

Cortex XDR agent and EICAR malware test file

Hi team,

 

It feels like I'm missing something and so would appreciate of someone could explain to me why the XDR agent on Windows (latest 8.2.1 with block policy) is not reacting to EICAR malware test file (X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-

...

stig_72 by L1 Bithead
  • 3244 Views
  • 2 replies
  • 0 Likes

Firefox Extensions

Hello guys, this is my first post, I'm glad I can be part of this community, I tried to make a query to see what extensions are installed in Firefox. I hope it is ok and useful and if you have something to add to improve it, I would be very happy.

 

...

SorinP by L0 Member
  • 747 Views
  • 1 replies
  • 0 Likes

Partial protected endpoints

Dears,

In some cases Endpoint is going to Partial protected due to some issues. I have read this knowledge base. (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004OGWCA2&lang=en_US%E2%80%A9) 

Now I want to know that How can

...

Server Golden Image with RDS

Hello, I need your help.

We have a Windows server 2022 with active RDS features and it's a "Golden Image", meaning it serves as the image for 6 other servers.

My question is... the server's purpose is to be an RDS (providing apps), should the Cortex

...

Resolved! Cortex XDR Linux Service Explanation

Dear Team,

 

I wanted an explanation on the cortex XDR services present on the Linux machine and their role. Needed to know each service  functionality mentioned in the below command section like pmd , analyzed , dypd and decryptor.json

Name PID ...

Threat Hunting Scenerios

I would like to set the alert to detect the following scenerios

 

How can I config the XQL/Query in BIOC to detect: Cortex XDR 

  1. Login of local admin user (user with local administrators privilege)
  2. Stop of a windows service e.g “abc.exe” while the endp
...

  • 2012 Posts
  • 80 Subscriptions
Top Liked Authors