Administrator group from the XDR console
Hello,
We need to pull out a list of member IDs from the Administrator group from the XDR console.
Kindly help us in retrieving that data from the XDR console.
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Hello Team,
Please let me know how much 1 agent of Cortex XDR can send request to XDR cloud(internet) or broker vm send request to cloud in duration of 1 minutes of time.
Need this information to understand about the Cortex XDR agent traffic towards cl
Hello ,
Is there any option available to upload multiple hash value in block list using CSV file.
I had checked for cortex xdr import file hash exception however its really difficult to find out the filetype for each hash value. So is there any o
...
Hello Everyone,
I'm having a problem when upgrading an agent, it just gives timeout.
From what I can understand, both these systems are "the same" but CALPE doesn't upgrade...
I saw that it could be from a problem with Windows Azure Code Signing K
...
Hi all
Does someone know which retention period is used for datasets created through correlation rule or scheduled query?
Is there a way in XQL to iterate over an array?
Imagine there is an array of mail receivers. I want to check if each one contains a specific keyword such as "@company.com" so that I know there's no receiver outside my organization.
emails = ["user
...
Hi everyone, I'm a new user of Cortex.
I need your help to use Host Firewall on Cortex to block RDP connections and permit only some groups.
I can block it using the port, but I need to allow connections for the IT group. I created two rules, one blocked RDP por
...
We have observed an incident on a server on which Cortex XDR is not installed. The system is only present in the asset inventory. How is this possible, and on what basis is the incident getting generated?
Incident Name: Multiple Rare LOLBIN Process Executions
...
Hi,
I have a few Windows 7 and Windows 2008 R2 machines that cannot upgrade Cortex XDR from 7.9.1 to 7.9.2; the error message says I am missing Azure Code Signing support and to see KB5022661.
No luck googling, hopefully somebody has a tip for me.
Does XDR have the capability to identify and block admin access on end user workstations?
Hi all!
Still fairly new to Cortex XDR. Currently trying to make some sensible alert automation rules.
I have a specific alert that puzzles me. I get some "FTH/SSH client reads office files" alerts. I have a legitimate use case for this, so I want to
Is it possible to use Cortex XDR to analyse malicious Microsoft Office files, such as Word, Excel and PowerPoint documents? If I right click on Office file and choose Scan with Cortex XDR will Cortex check if that file is not used for delivering malw
...
Hi, everybody,
I plan to accept Legacy Exceptions generated from my profile-based policies.
Major part of the endpoints are running [CE] versions, prior to 7.9. All these versions are supported.
Has anyone had problems when activating these Lega
...
Hello
Does anybody know what happens to the configuration of existing prevention profiles when the "Host Insights" license is activated? The environment currently has several prevention profiles that have the "XDR Pro Endpoint capabilities" enable
...
There are many situations where it would be convenient to receive a notification when a device is online. We often run into this when a device is isolated and we are unable to contact a user. Since there is no native ability to trigger an alert or n
...