7.9.100-CE version is it necessary to upgrade with CE version

Hi All, 

We have received an update regarding the 7.9.100 CE  hotfix for cortex xdr agent.

Can someone please let me know whether this update fixes the upgrade failure of windows 7 Operating system or upgrade failure of cortex xdr agent. Also, is i

XQL Query: Hunting for git related activity not related to Github

Good Day,

I am fairly new to Cortex but have been looking to detect git related activity not associated to Github. I believe I have a decent grasp on the volume as well as the observed destinations. I am running into issues differentiating what ini

Any guidance around regex for exceptions?

We are running into issues when we need to provide exceptions for command line for Child Process Protection, and it is a struggle even when it is supposed to be a simple wildcard use. 

Has anyone run into this issue or have tips on how to go about

User activity

Hello,

I used Cortex XDR for Endpoint Security, but I would like to know if XDR can identify and report user activity and time spent on it.

Thanks. 

How to create group

 we want to create a group on the cortex console but we have the below concern 

• how to we add all the endpoints to the group 
• if any new endpoint is newly connected how to automatically added in the group

Is it possible to block accessing or mounting network shared folders?

Hello,

i am trying to configure a new profile, and i wanted to know if it’s possible to blocked accessing network shared folders and mounting network shared folders.

Best Regards, 

Cortex XDR 

Feature request: Vulnerability Assessment with respect to minor builds

Would like to request new feature development / Host Insight module improvement to have Vulnerability Assessment (Cortex XDR) with respect to minor builds? The issue is described in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u

Share Your Cortex XDR Experience on Gartner Peer Insights

As a valued member of our Cortex XDRcommunity, your opinion is important. The Cortex team would appreciate if you'd share your experience with Cortex XDR on Gartner Peer Insights by writing an Endpoint Protection Platform (EPP) review. 

Reviews are a

Is There a Way to Escape the asterisk (*) character with Query Builder/XQL Queries

Hi,

I'm trying to run the following to run the following query in Query Builder:

The query itself contains the command:

"del *.log /a /s /q /f"

I was wondering if there is a way to escape the asterisk character after the "del. " part of the comma

Need help to create XQL Queries

Dear All,

I need your help and advise to acheive the below requirement in XQL query.

1. Agent malfunction/ no content updates/ no upgrade
2. Agent partially protected/memory storage/junk storage
3. Network malfunction, not able to connect back.

agent connection lost

some of the agents its showing connection lost any solution for this we already installed the agent but we need the root cause