This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4320 Views
  • 0 replies
  • 3 Likes

Resolved! browsers extensions Alert

Hello dear community, I would like to see more rules which are containing everything about browser extensions. Like in chrome, "browser extension was created". I know to manage chrome via GPO, but there are not always Active Directories and I would like to get an alert, when a new extension is installed and also used (when it was already in...

RFeyertag by L4 Transporter
  • 6144 Views
  • 4 replies
  • 0 Likes

Resolved! Cortex XDR XQL query

Hi Community, I have a query regarding XQL. I have a list of over 100 approved application names available. How can I easily find the unapproved applications installed on machines, compared to the approved application versions?

Resolved! Cortex XDR Analytics BIOC Rules' Severity

I am writing to inquire about the procedure for modifying the severity levels of BIOCs (Behavioral Indicators of Compromise) within the Analytics module of Cortex XDR. Specifically, we are looking to understand how to create or adjust a custom rule where we can manually add a BIOC and select its severity level according to our needs. Could you p...

Shell script for removing Cortex XDR from multiple MacBooks

So, as the subject suggests, my colleagues and I are working on a method to uninstall the Cortex XDR agent from of number of computers (Macs). We do utilize the JAMF MDM here and hence why we are working on a script, however I cannot help but to think simply using the tenant to remove these clients would be sufficient but I digress. If we could ...

Disabling CSP Login for Non-Admin Accounts in Cortex XDR with Azure SSO

Hello, I have successfully implemented Single Sign-On (SSO) for Cortex XDR using Azure SSO. Now, I am looking to disable the Customer Support Portal (CSP) login for non-admin accounts. The goal is to ensure that only admin users have the ability to access the CSP, while other users authenticate via SSO. I would appreciate guidance on the best pr...

Disabling CSP Login for Non-Admin Accounts in Cortex XDR with Azure SSO

Hello, I have successfully implemented Single Sign-On (SSO) for Cortex XDR using Azure SSO. Now, I am looking to disable the Customer Support Portal (CSP) login for non-admin accounts. The goal is to ensure that only admin users have the ability to access the CSP, while other users authenticate via SSO. In another hand we are using CSP portal fo...

Uninstall application from user profile via live terminal

Does anyone know how to uninstall an application from a users profile via live terminal on cortex XDR. The user has a windows 10 enterprise computer but its installed on their profile. I am trying to uninstall a software called "Screen Share" (publisher: Screen Leap). I tried the below 3 commands but it wont work. 1) Uninstall-Package -Name ‘...

WaqasS by L0 Member
  • 1942 Views
  • 1 replies
  • 0 Likes

Directory Sync usage

Hello everyone,Just curious who uses the Directory Sync tool out there? If you use it would you mind sharing a quick like/dislike about it? I really want to incorporate it into our environment but not entirely sold on it... yet. Any feedback about it would be appreciated. Thanks!

CraigV123 by L3 Networker
  • 12636 Views
  • 10 replies
  • 1 Likes
  • 2585 Posts
  • 95 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks