Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 748 Views
  • 0 replies
  • 2 Likes

BIOC Rule - CGO V/S Actor_process_image_name

Hi 

I wanted to understand, if i want to see certain cmdline activities from "x" Process.

Want to know what will be more efficient putting the "x" process in "Causality_actor_process_image_name"

or in "actor_process_image" while creating a BIOC

meanmach by L1 Bithead
  • 1779 Views
  • 2 replies
  • 0 Likes

Proofpoint TAP Integration - XQL Query Help

Has anyone worked with PP TAP integration and creating any useful XQL queries to help identify potential malicious mail that a user interacts with?  As example:
Email was not determined "bad" initially but after some sandbox from PP, it is later class

...

HELP - XQL QUERY For XDR and XSOAR

Hi,

I am creating a playbook with the objective of integrating Cortex XSOAR  and Cortex XDR . 

The idea is for Cortex XSOAR  to query Cortex XDR  , retrieve all the assets detected by the broker scanner, and verify which assets do or do not have the

...

tlmarques by L4 Transporter
  • 2591 Views
  • 4 replies
  • 0 Likes

Cortex XDR

Hello, Is there any possibility that the customer may utilize Cortex XDR agent in two domains, taking into account that first one has tenant id, the other doesn't?

Thank you in advance.

Cortex XDR Agent Service Get Stopped.

Hello Guys!

 

Just wanted a clarification that once the Cortex XDR agent service : cyserver.exe get stopped due to any reason.

1.How the system service restarts again ?

2. How many or frequency of  heartbeats does cortex xdr agent send to Cortex XDR

...

Remove enopoint XDR Cortex

Hi 

Can i remove XDR Agent from PC and i don*t have supervisor password for disable antitampering... 

Endpoint are not showing in XDR Console... 

 

please help, i have problems with cca 200pc

 

best regards...

RokGrm by L0 Member
  • 1581 Views
  • 4 replies
  • 0 Likes

Resolved! .csv format change

Hi,

I've just noticed this recently. A while ago when I added .csv file to a report, it was formatted with coma between columns. Now it is using a tab what cusses export to Excel more difficult. Is any setting which can be use to change it back? 

  • 2281 Posts
  • 86 Subscriptions
Top Solution Authors
Top Liked Authors