IPv6 feature
Hi,
Prior to the release of the Cortex feature update, were IPv6 endpoints not supported by Cortex XDR? Have any new IPv6-related components been added?
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
I can't find information about this PSE-Cortex exam on the official site. And yes, how to prepare for this exam, with which practice tests can I prepare for this exam? I have consulted many certified people, and they have mentioned many sources.
Hi all, we are observing this behaviour on some domain controllers where XDR agents are losing connection to the tenant and the only way out is to remove them via XDR cleaner and reinstall, only to fail again in a bunch of days.
We are out of ideas, obviousl
...
Hi all,
We're trying to bring our few Macs into the systems management fold, and being a Microsoft shop we want to use InTune to manage them.
Most Mac packages install files and then are configured in a separate set of commands after install. The XDR
...
Hello everyone,
Under the prevention profiles XDR agent has the capability to scan your network and find assets not onboarded using ping or nmap.
This setting also requires that you enable network location configuration.
This is from the docs:
"When
...
Hi All,
We are using XDR Pro version with agent version 8.2. I am curious about this OS fingerprinting feature under Distributed Network scan setting in Agent profile. I have already configured Network Location Configuration and also configured other
We updated Cortex XDR agent on a number of VMs and on some of them the Print Spooler service (spoolsv.exe) started crashing repeatedly, causing disruptions to operations.
Is this a known issue? Are there available workarounds or ways to resolve it sh
...
Hi!
I have a machine with Operational Status Data as:
Xdr Data Collection Not Running Or Not Sent
Module is disabled by Adaptive Policy
Btp Not Working
Module is disabled by Adaptive Policy
How can I remediate this machine so that its status
...
I have created some filters (via the Alerts table) while doing some investigations. It ended up being useful and needing an automation rule. However, when I went to the automation page and looked at the filters, they were blank. I shared the filters
...
Hello-
Does anyone know the following details to how the product manages the retention for logs and quarantine?
I understand you can set the log quota to a specific size. This will leverage that on local disk. What I am not clear on are the followin
Hi Community,
We are using Nessus scanners. Why should I enable cloud compliance in Cortex XDR agent, and what is the main difference between Cortex XDR cloud compliance and Nessus scanners?
Hello Team,
Could anyone assist with generating alerts and creating test cases or samples for testing the Cortex XDR protection module?
We successfully generated an alert using a WildFire PE file, but we now need to generate alerts for each policy
...
Hi,
I wanna sort my query as operational_status in (UNPROTECTED, PARTIALLY_PROTECTED) every day (like from Monday to Sunday statistics)
My query looks like this
config case_sensitive = false
| dataset = endpoints
| filter operational_status in (UNPROT
I am new to using xql and I am having trouble getting the information I need using a search query. I need to pull a list of all Mac_OS hosts and then within the applications field return the version of NetSkope installed on the client. I have started
...
When I configure Forensics, at the 'Endpoints' step, it doesn't show the name of any endpoint. "Monitor and Collect Forensics Data" is enabled on Agent Settings. User role is Instance Administrator. Triage type is "Online".