Cortex XDR - Endpoint Group changes notification contain problem

In Cortex XDR, on the Endpoint Group side, we statically select different endpoints for certain groups. We receive notifications about changes in those groups, but the notification does not show which computer is selected statically for that group. F

Cortex XDR service allocate Seperate/additional CPU

Hello Team,

Cortex XDR service to be allocated separate/additional CPU threads other than CPE & ICN WAS CPU.

Is it fine to go ahead or will it cause any issues.

Custom Widget to Show All Alerts and remediation steps

Hello,

I am trying to create a custom XQL widget to show all non info alerts and the suggested remediation steps in last . Please advise!

Question regarding random Decryption when using Cortex XDR

Hello all,

Wanted to ask if any of you had something similar happening around.

Scenario : 

2 systems (just as an example, as they are more) - 1 of the systems gets decrypted after a system update was done (BIOS, driver updates etc.) , the other system d

Administrator group from the XDR console

Hello,

We need to pull out list of member IDs from Administrator group from the XDR console.
Kindly help us in retrievng that data from the XDR console.

Need the details regarding Cortex XDR agent traffic to internet or broker VM

Hello Team,

Please let me know how much 1 agent of Cortex XDR can send request to XDR cloud(internet) or broker vm send request to cloud in duration of 1 minutes of time.


Need this information to understand about the Cortex XDR agent traffic towards cl

How to import a multiple hash value in block list

Hello ,

Is there any option available to upload multiple hash value in block list using CSV file.

I had checked for cortex xdr import file hash exception however its really difficult to find out the filetype for each hash value. So is there any o

Agent Upgrade Failure

Hello Everyone,

I'm having a problem when upgrading an agent, it just gives timeout.

From what I can understand, both these systems are "the same" but CALPE doesn't upgrade...

I saw that it could be from a problem with Windows Azure Code Signing K

How I can Use host Firewall on Cortex XDR for blocked RDP conexion

Hi everyone, I'm new user of cortex.

I need your help to use Host Firewall on Cortex for block RDP coneccions and permit only some groups,

I can block it using port, but I need allow conexion for IT group, i created two rules, one blocked RDP por

The Cortex XDR not installed still incident getting generated

We have observed incident on the server in which Cortex XDR is not installed. The system is only present in the asset inventory. How is this possible, on what basis incident is getting generated?

Incident Name: Multiple Rare LOLBIN Process Executions