Some Alert Exclusions don't work anymore

Hello dear community,

Since some days, my alert exclusions do not work anymore and the alerts are popping up. Now i noticed the quotes in the target process cmd.

powershell.exe -command --> before

"powershell.exe" -command --> from now

What has

Cortex XDR Pathfinder

I dont really understand logic behind PATHFINDER. I installed Broker VM and configured pathfinder. But i can not see anything in Pathfinder Collection Center. I can not find answers to my questions  in documentations. Can anybody please explain about

Webhooks

can we create webhooks on cortex xdr

Cortex XDR: Key Assets & Artifacts overview is currently not updating...

The status of the findings in the incidents overview is currently no longer updated. In the quick view, I see the change, e.g. 'Benign', but the entry in the 'Key Assets & Artifacts' shows still the initial classification. This behaviour has been goi

XDR on AS400 servers

Hi,

Is Cortex XDR supported on AS400 servers?

Kindly provide documentation related to it.

Thanks

Change default password for agents

Hello, 

1. Can we please know the recommended procedure to change the defalut password for agents.

2. Is it possible to change the password for particular endpoints? 

3. Will there be any operational issues or impacts if we perform this acitivity? 

XDR Auto upgrade Scope

XDR allows you to auto upgrade agent to any of the below:
 
Latest agent release
Only maintenance release
Only maintenance release in a specific version
Upgrade to a specific version

I want to check what exactly does "Latest agent release" means ?

Accor

Alerting Endpoint misses an endpoint group allocation

Hello dear community!

as you know, there are sometimes changes (computer names, domains, etc.) on the endpoints. 

And know there is also a cortex version from PA, which has the problem too "kicking" out the endpoint from the endpoint group (not rea

Excel not working with cortex

Hello,

We are facing issue while working with excel files when cortex is enabled, when we disable the protection excel start working properly, but when we again enable it, excel takes long time to open or close the file.

Kindly suggest.

Than

Periodic Scan on endpoints

Hello,

We intend to initiate malware scans on all endpoints. Which is the best approach to perform a periodic scan, is that on a weekly or monthly basis?

Exclude single .exe on single endpoint

Pretty simple need here....

Installing the latest version of WSUS Automated Maintenance from AJ Tek on our WSUS server and Cortex is blocking it with the description "Suspicious executable detected". How do I allow this to install? Is the best way

Cortex XDR: False Positive detection of LimaCharlie sensor (EDR agent)

A number of our customers are complaining about our domains being flagged and, in some cases, blocked by Cortex XDR.

The domains in question are:

limacharlie.io
9157798c50af372c.lc.limacharlie.io
70182cf634c346bd.lc.limacharlie.io
4d897015b0815621.l

Analytic BIOC Rules, right click open in query builder, informational severity not available

We have a support ticket open for "informational" analytic BIOC rules that are not alerting.

These do not show up in the incidents or alert table, but the number of alerts in that column has more than 0

Support has indicated there is not a way to view