Cortex XDR 7.9 blocking windows defender

Hello,

Since upgrading our endpoints to version 7.9, we keep getting popups that Windows Defender is blocking some applications and now our endpoint support personnel is no longer able to make the needed changes to the local firewalls for the user.

How the Remote IP can be blocked

I want to block a remote IP Which the user been trying to connect, How can I block that remote IP. Please let us know the path for it.

Latest Use Cases

Hello Team,

Can you please help us with some latest use cases.

And if possible Industry-Specific Use Cases focusing on the finance sector.

Also how to fine-tune similar kinds of incidents? Tried to whitelist the exe but incidents still trigger.

Issue while installing XDR on Linux Server

Hello,

Even after installing cortex xdr on linux server it is not reflecting on console . We have tried to cytool reconnect force ,we checked comaptible(it is compatible) we tried runtime stop/start command as well.

The services dypd, analyzerd and i

Malware scan in cortex xdr

What is the difference between canceled scan, pending cancellation  and pending scan with respect to endpoint scaning ?

None: No scan initiated
Pending- Scan was initiated ,waiting for action to reach endpoint
In Progress- Scan is in progress
Success-

Cortex XDR - File Exceptions

Hello,

Could you please help us to understand few queries related to exceptions:

1. How do we create global exceptions for the file paths.
2. Adding exceptions for the files in endpoint scanning module of the profile will only exclude these files

Global Exceptions

Hello,

We need to add a global exceptions on the paths. Currently we have added file paths in endpoint scanning allow list. So can you confirm if we exclude in this scan does it applicable for other profile like Portable Executable and DLL Examinat

Cortex XDR Block List Question

I want to know the maximum number of IOC hash that can be stored in the blocklist of the Cortex XDR Platform.

I want a reply from the Paloalto official. Thanks.

Cortex XDR Configure the disk space to allot for XDR agent logs.

Hello ,

How much disk space should be ideally assigned in cortex XDR agent setting for XDR agent logs? by default it seems palo alto has set 5000 Mb space .  does reducing this space affects the performance of the system or functionality of cortex

how to apply and remove the tags to multiple endpoints in cortex xdr without using any filters

Hello ,

is there anyone aware for the methods to apply and remove the tags to multiple endpoints in cortex xdr without using any filters.

Cortex XDR 

Cortex XDR Blockage activity

If anything needed executable are blocked by the XDR previous we used to add that ***.exe in malware profile. But now we faced that issue that client has connected the clickshare(PC Screen Share) Equipment as it's an external equipment connected to U