Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Cortex XDR missing powershell logging

I'm doing some Powershell detection testing and I noticed that when I open the Powershell GUI in windows and run a command below it doesn't trigger a Powershell detection.  However, when I add powershell in front of the command it does trigger an eve

...

Slow Dashboard in Cortex XDR Version 3.9

Hi Community! Our Tenant was recently updated to XDR version 3.9 and since then the main dashboard seems to be much slower and unresponsive. Anyone else in the community experiencing this? I have been testing using Edge and chrome the quick launcher

...

Resolved! Windows Event Collector

Hello, 

 

I want to activate Windows Event Collector on my system. I am looking my documentation. https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Activate-the-Windows-Event-Collector?tocId=JKwlSDeDaqpS9R1bOJda

...

Resolved! Cortex XDR flagged malicious macros


Hi team
Cortex XDR keeps generates hundreds of alerts due to suspicious macro detected in my network. 
Severity : High
Alert Source : XDR Agent
Action : Detected (Post Detected)

Category : Malware
Extensions : .xls .tmp .xlt  .xar

Seems Cortex deletes al

...

chawki by L0 Member
  • 2732 Views
  • 5 replies
  • 4 Likes

Resolved! XQL Query - Machine Custom Reports

Hello,

good afternoon.

I currently have a few machines and xDR installed on them.

I need to make a weekly report with the information of the machines and the scan previously configured.

Currently, what I have configured using XQL Query:

 

-> Checks i

...

Resolved! XDR Console Access

Hello, 

 

Sometimes, I cannot access to the XDR console. It is just loading but nothing showing, just a white page. I have internet access. It happens sometimes and after about 15 minutes, the problem disappears. 

 

What can be the reason for that?

Resolved! Cortex XDR

Hi Community ,

i Had Came Across Some of the Questions Regarding Cortex Xdr , Hope you'll help me with Narrow Down The Rabbit Hole 

1. Why the Cortex scanning the files on the Endpoints that has the benign Verdicts in the Scanning Phase .

2. There ar

...

Yayati by L0 Member
  • 1332 Views
  • 1 replies
  • 0 Likes

Resolved! Automatic updates from Cortex XDR in Intune

Hi Everone! Hope you can help me 

 

I have acustomer use both Cortex XDR on their endpoints for monitoring, and Intune for app deployment etc. When receiving a new PC, it is configured through Intune. However, currently, the customer has to manually

...

  • 2078 Posts
  • 82 Subscriptions
Top Solution Authors
Top Liked Authors