Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Cortex XDR agent error 307

Hi all, I have an issue that started popping up with an agent installation - newly installed agents throw out a 307 error. the package is present on the xdr management console, and we are beneath the license limit. 

What can be the issue here?

Scan endpoint error

Hi, I need help, I have Cortex XDR policy to allow scans on the endpoint, however users are unable to start the scans, the option does not appear

I can only scan, with cmd as administrator (cytool scan start) , in the GUI I can't even do it as admini

...

tlmarques_0-1706887670317.png
tlmarques_1-1706887790216.png

BrokerVM HA cluster

Hi team,

 

I created cluster from scratch and added here 2 brokervm, then for new cluster I assigned dedicated IP address and FQDN, then in local DNS is created A record using ha cluster FQDN and dedicated IP address. Is ti true way? because I tried

...

Sadig by L0 Member
  • 743 Views
  • 3 replies
  • 0 Likes

Resolved! Initiate Script on Endpoint via API call

Hi Everyone,

 

I've been running Powershell scripts on my endpoints from Action Center > Run Endpoint Script > Execute Commands in the XDR interface. It works well, however I need to specify a manual query to target the endpoints I want each time i.e

...

Cortex Screen Shot.jpg

Cortex XDR unable to uninstall

In Win 10 Pro 22H2 19045.3930, Cortex XDR agent unable to uninstall or upgrade in one user pc. Agent setup unable to find in control panel installed applications. Present agent version 8.2.0.46438. Worked on uninstalling from action response, endpoin

...

Resolved! Managed Digital Signers Block List

Hello All-

 

I am hoping this is a quick question as I did not find this in XDR documentation.  It is my understanding that Palo manages a "trusted signers" list.  Is there a way to leverage a similar list to automatically block the use/execution of

...

Resolved! Impact on licences expiration #Cortex XDR

Hello

My Cortex XDR licences expire in a few weeks

I can't find the exact impact, I suppose that the new malware signature won't be updated but :

- Will I be able to handle to connect to the console, to handle the agent

- Will the agent still work?

 

...

  • 2054 Posts
  • 81 Subscriptions
Top Solution Authors