Block logs to Data Lake from specific endpoint

Hello,

I have a case where logs are delivered to Data Lake from endpoint were we're unable to uninstall Cortex XDR agent. We also can't connect to this endpoint to take manual actions to stop receiving logs from it.

Is there any way to block/preven

Stopping Python Execution will affect Cortex XDR py scripts functionality?

Hello dear community!

I want to stop every python prozess with an bioc. 

Will this also affect the script functionality from the Cortex XDR Pro agent?

BR

Rob

Endpoint Operational Status

Currently, our devices are unprotected state and partially protected state due to disk consumption. 

Is the data in the cortex xdr incrementive or does it delete itself after sometime ? 

What is the possible solution for this issue ?

How do we diff

Protection against Hack5 tools incl. USB Rubber Ducky

Hello dear community, 

Has anyone of you expierience with usb rubber ducky and cortex xdr? 

Our supplier couldn't answer this from the beginnen of the poc. (~1Y)

Maybe the collection of a community like you get this question faster answered? 

I wou

New to Cortex - Whitelisting files/paths, are they needed

I am looking for definitive answers on whether or not exe files should be whitelisted and where they should be whitelisted within Cortex?