Existe uma forma de forçar a remoção do Cortex 7.9 do ambiente que eu não tenho mais senhas de gerenciamento ou remoção, já que o parceiro rescindiu o contrato e não forneceu o mesmo.
Hi Community
We're facing an connection issue with Endpoints using Broker VMs (agent proxy). We opened a TAC case, but it's stuck. There is no useful help yet.
- Endpoints are isolated from the internet (no direct or webproxy access)
- Endpoints are
Hello Team,
We need to change rsyslog.conf file. Please let us know if this file can be changed and is it recommended to integrate the BVM server with the SIEM?
Hi,
We've a problem with installation cortex xdr 8.1 on Windows Server 2008/2012 and Windows10_v1607....
All machine need the AZURE update https://support.microsoft.com/en-us/topic/kb5022661-windows-support-for-the-azure-code-signing-program-4b505a31-f
Hello dear community,
is it possible not to overwrite disabled IOC with API Upload? If the indicator is disabled, it should stay disabled. But atm it isn't like that, the indicator is beeing deleted, written into the ioc table and get's activated
...
How to generate private and public key pair for accessing DR broker VM and let us know how to use the key pair to access the BVM.
Hi,
ill soon have to migrate a customer from prevent to pro. My question is i heard, that Palo just has to change the license in the background and that would be all i just have to enable the pro feature in the policy. My only concern is, that the
...
Hi community
I wonder if are there any of you who succeed/ever experienced creating Exclusion Rule in Cortex XDR but the rule will only be applied if the incident occurred at a specific time. As I read Palo's documentation and dig down into the com
...
I tried reg and cmd lines with bcdedit options to set safe mode. They didn't trigger an alert. Also booted into safe mode and didn't trigger. What is the trigger?
This question was asked as part of the Cortex XDR Customer Success Webinar: What's Ne
...
Hello,
Is the API function available to run the "File Search" operation? --> (“Incident Response --> Action Centre --> File Search- Sha256”). Did not find this option in the Cortex XDR API documentation, however, wanted to confirm and check if this c
...
Hi Team,
I need to whitelist repetitive alerts triggering for ( 'Large Upload (HTTPS)' alerts detected by XDR Analytics ). Kindly help with how it should be done.
Regards,
Shahwaz
Hello Community,
I would like to create an exception rule for an IIS worker process w3wp.exe, which module would be the appropriate one where the exception would reside.
Based on the documentation here EXPLOIT SECURITY POLICY offers protection ag
...
All,
When looking through the log file of the agent, I ran across this. Can anyone tell me what its for and why is it missing? This was a fresh install of the latest Cortex agent. Thanks.
Payload archive file \"C:\\ProgramData\\Cyvera\\LocalSyste
...
For some reason we paused the protection on the endpoint, Is there any option to auto resume the protection?
reaper
on:
NGFW User-ID and Terminal Server (TS) Agent Self-Signed Certificates expiration
