This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

How IOCs are detected?

Hi,

 

I've recently noticed that an IOC that we created a month ago is still somehow being triggered, therefore an incident is generated. The IOC is a domain that we've found in a phishing email. I haven't visited the domain or clicked on that quaran

...

Question About Custom Logs Time Field

Question

I want to replace _time field value with original timestamp, but I can not find way to do this. 
Please tell me how to replace _time field value or Is this not possible due to specifications?

Background

When we collect logs from XDR Collector

...

HFukuda_0-1725412582774.png
H.Fukuda by L1 Bithead
  • 477 Views
  • 3 replies
  • 0 Likes

Resolved! Cortex XDR Timeline to XQL

Hi,

 

For our SOC report, we want to have this table with the average statistics of last week's monitoring, including average time to assign, time to respond etc. Is there a way to extract these timestamps from the incident's timeline on XQL and ther

...

MOQ - Cortex XDR NFR

Hi team, 

 

May I know, what is minimum quantity to purchase for Cortex XDR (Prevent and Pro) NFR?

Also, is Cortex XDR NFR quotation will consist only 1 line item, no need for any support SKU?

 

Thank you in advance!

Cortex Update

I have an issue when trying to update users to the latest version of cortex. The control panel shows that Cortex is not installed but the Cortex Icon shows up in the system tray and I can access the console from there. When I run the uninstall tool t

...

Feature Request: Version Control for Rules

Would anyone else find it beneficial to have version control for rules made in XDR?

 

I feel like in theory it would be a reasonable lift to incorporate version control for changes made to custom correlation rules, for example.

Parksam by L1 Bithead
  • 669 Views
  • 2 replies
  • 1 Likes
  • 2000 Posts
  • 79 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks