Migración de NXS - Broker VM

En mi organización tenemos equipos que no tiene salida directa a internet, y para ello utilizamos Broker VM.

Por temas asociados a Infraestructura, se están migrando servidores de NSX. Desde esa área me comentaron que para realizar esta migración, cl

XQL or API access to Vulnerability Assessments

Is it possible to access the vulnerability assessments via XQL and/or API

I've been tasked with looking at the possiblity of taking the CVE lists from vulnerability assessment and matching them to MS KB. I don't want to be manually running reports

Delete detected infected file

We have malicious file detection on the clients. When they try to execute a task, Cortex blocks the action, but not the malicious file.

Could we have any documentation on how to delete the detected malicious file?

Thanks

How to Identify Endpoints triggering Application Restriction Profile

We have created a restriction profile to block executing an application by specifying the exe path in the file path configuration. This profile has been applied to all our endpoint groups to enforce application blocking globally.
We can view the numbe

Exploits Protection interfering with browser launch

Has anyone ever experienced an issue where, after installing the XDR agent on an endpoint (host), Microsoft Edge could no longer open?

Here’s the situation: one of our customers installed the agent, and afterward, their laptop was unable to launch Ed

Create ticket in external ticketing system when an incident is generated?

I'm trying to figure out if it's possible to have Cortex XDR create a ticket in our ticketing system via Web API when an incident is generated.

I know it's possible to send a slack message when an alert is generated, then use slack to call the API,

Installing Cortex Agent on Linux LXD

Hello everyone,

I am looking to install the Cortex Agent on a Linux system within an LXD container. Does anyone have insights or a step-by-step guide on how to install the Cortex Agent in this environment?
Additionally, is Cortex officially supported

XQL How to get all users that haven't logged in in the past 30 days.

Hi,

I'm having trouble putting together a query that'll grab me a list of users that haven't logged in within the past 30 days.

So far I've got this, but I'm not even sure if it's the right approach, so I'm just a bit stuck:

How to enable Vulnerability Assessment on Cortex XDR V4.2

I cannot find where to enable Vulnerability Assessment in Cortex XDR v4.2.
Can anyone help me?

Cortex XDR triggers Code 10 on USB Audio despite exception - Vendor not selectable, need per-device allow without vendor or something

Environment

• Endpoint OS: Windows 10/11 (latest patches)
• Device: USB Audio (composite device, audio system)
• Driver: wdma_usb.inf / service usbaudio.sys (MEDIA class)
• Cortex XDR Agent: 8.9.0
• Policy: Custom Device Control rule set (USB mass-storage