Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and allowing seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.
Hello,
Generally, what is the resource utilization (memory, CPU, etc.) by the XDR agents during the scans?
Has anyone else been encountering situations where the Action Center is snail slow in processing any actions, i.e., retrieve support files, search files, delete by path, etc.?
Dear all,
Does anyone know the specific endpoint to disable a Policy Rule through the API?
The API doc only shows get-policy associated to endpoint.
Thanks in advance!
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-API-Refer
...
Hello,
Is Windows OS 2008 compatible for the installation of Cortex XDR?
Windows Server 2008 and Windows 8, Windows 8.1?
All Windows 8 variants are supported until January 2023 (Microsoft EOL + 3 years). Release 7.9-CE offers continued support for Window
...
Hello,
Can you please help with the below query.
What happens if we install more agents than the license and do those extra agents not work with maximum capabilities? If yes then what are the capabilities that don't work?
Hi All,
Please suggest the supported Cortex XDR agent version for the Windows Server 2003 operating system.
I have a scenario where I have installed a new Canon LiDE400 scanner on a classroom Windows 10 desktop using the Canon driver from the Canon website.
Reboot the desktop and it runs fine. As soon as you launch any software that calls upon the scanner (
...
How to fine-tune similar incidents? We have added the hash and file path of such incidents to the allow list and used the feature to exclude alerts. Still, we see incidents getting triggered.
Hello,
Since upgrading our endpoints to version 7.9, we keep getting popups that Windows Defender is blocking some applications, and now our endpoint support personnel are no longer able to make the needed changes to the local firewalls for the user.
...
Does anyone have a template or advice for best practices configuring the host firewall?
I want to block a remote IP which the user has been trying to connect to. How can I block that remote IP? Please let us know the path for it.
Hello Team,
Can you please help us with some of the latest use cases?
And, if possible, industry-specific use cases focusing on the finance sector.
Also, how to fine-tune similar kinds of incidents? Tried to whitelist the exe but incidents still trigger.