Simulating "Respond to Malicious Causality Chain" feature
Hello there,
As the title suggests, we are looking for a test with which we can simulate the behavior (we have a Kali / attacker / victim test environment).
Any suggestions?
Thanks
CRITICAL - Linux version of Abyss Locker ransomware targets VMware ESXi servers
Links for more information:
https://www.bleepingcomputer.com/news/security/linux-version-of-abyss-locker-ransomware-targets-vmware-esxi-servers/
https://researchsnipers
...
Cannot upgrade the Cortex XDR from 7.2.1 to 8.1.0.41560
Dear All,
Once XDR has taken action on a set of files which seem to be suspicious, apart from the WildFire verdict, it also shows XDR actions like Detected, Prevented (blocked).
How can I confirm the actual action taken by XDR is Quarantine / Cleaned / Del
...
Hello everyone,
Does anybody know if the Cortex XDR agent for Linux systems is officially certified for SAP HANA environments (Red Hat)?
Is there any documentation about this? I haven't found anything on this.
Thanks and regards,
Tobias
Hi All, looking for some help here... We recently added some new team members and they have somewhat limited access to the Cortex XDR Console.
The one thing I'd like them to have is access to report a verdict as incorrect. I can't seem to find any
...
Cortex XDR
While installing Cortex agent 5.0 on Windows 8.1, we are facing this issue.
Please help with it...
Hello Team,
Can you help with the queries below?
Hello
Is there any solution to export the allow list in prevention profiles?
For example, the malware profile?
I already checked in XQL.
Found no dataset where this information could exist.
Anyone any suggestions?
Cheers
Tobias
Dear community,
I would like to block connections to specific domains using BIOC,
but I found that the "Add to restrictions profile" button is missing when right-clicking on a BIOC rule.
Why is there no such button? Alternatively, is there any way to
DTRH: CIS Benchmarking
3rd Party Data Ingestion | Data Parsing | Widgets & Dashboards
Overview
In this DTRH we will look at adding valuable data into XDR from
...
Hey dear community,
Is Cortex XDR Pro using the https://www.loldrivers.io/api/drivers.csv list as its base? I am asking because I could build my own IOCs from this list and I want to know if it is necessary.
BR
Rob
Hello, experts,
I found out that Device Control can temporarily allow my USB device when my EP is connected to the Internet/XDR Portal.
Just wondering if we could temporarily allow the USB without (the EP) connecting to the Portal?
Thanks,
S
...
Hello dear community,
We had a nice experience today with a FP (IOC, IP). We got about 2000 e-mails and there were more than 5000 alerts, so Cortex auto-disabled the IOC. So far, so good.
In our case it would have made sence to reduce the tresho
...
Hello,
We are using Pro Per Endpoint license.
Is it possible to integrate a third-party security solution with Cortex XDR?
If yes, which tool can we integrate as a best practice?