Hi,
According to the Cortex Helpcenter Cortex XDR Agent version 8.0 should support Windows 7 SP1:
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/8.0/Cortex-XDR-Agent-Administrator-Guide/Cortex-XDR-Agent-for-Windows-Requirements
But when tryi
...
Can we view application ,web browser activity on support file and how to open support file
Hi Team,
Anyone having detection logic XQL query for CVE-2023-23397 - Microsoft Outlook EOP ? Cortex XDR #DetectionLogic #XQL #ThreatHunting #CVE-2023-23397
Thanks,
Gokul K
I have gotten managed firewall onboarded but even after a cert fetch panorama still does this any idea's
This is more from how people are hunting with different EDR tools, so just throwing out something with XQL to the community which might be helpful for us all:
Note: All of the below queries are created from an environment which does not uses 3CX so
...
Hello,
Is there further documentation on what the required permissions and API key needs for the File Retrieval action?
https://cortex-panw.stoplight.io/docs/cortex-xdr/058f77d40dd35-retrieve-file
We have a provisioned an API key and gave it al
...
Hi,
Good day!
Can you please tell me if we have a chance to check the application and websites which we have used in the recent time in the endpoint using the cortex XDR console?
Hi,
We're using the autoupgrade feature in the Agent Installation profile at the moment to upgrade our agents to the latest 7.9 client. We're looking at moving up to version 8 shortly, I've upgraded a group of test machines and all looks good. We
...
we have a new requirement we need to block Excel macros for specific groups of user anyone know how to block
Software needs to be blocked for end users, but the hash value changes, or if it's installed in a different location, the user can still access the software. Can anyone offer a solution?
Hello, in our environment there are users across multiple departments reporting that Cortex XDR RTP periodically stops itself due to an "adaptive policy", causing them to fail hipchecks and have their network access restricted. These users are primar
...
Hi,
We are seeing a lot of events from CORTEX "A Successful login from TOR". Anyone else with this problem?
Seems to be a bug.
XDR Analytics BIOC
XDR BIOC
PAN NGFW
XDR IOC
XDR Analytics
XDR Managed Threat Hunting
XDR Agent
Hello, Everyone!
I would like to know how this can be implemented - I want to block suspicious remote control applications (BIOC) Cortex XDR.
I want a reply from the Palo Alto official. Thanks.
Hi Guys,
In the Artifacts section we are not able to see the VT Score . For this we are manually copying the IP's , Hashes & viewing in the Virustotal console.
Got to know we need to configure the API key but the concern is what data does Cortex XDR su
reaper
on:
block powershell but allow only specific powershell script
