Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
Can you please help how can we configure FQDN for production and DR broker VM servers in the Domain controllers?
In the Cortex XDR console I am trying to setup a new Endpoint Group using the AWS 'Cloud Info' values as the filter. That info is presented as JSON with various nested values and it looks straight-forward to use, i.e., I can specify the "Cloud Info"
...
Hi Team,
Our internal team is going to enable the feature “Secure Compliance Check” for end users who are working from home. They have enabled feature for other AV solution. Also we want to add the service for "Cortex XDR". There are multiple servi
...
Hello,
We know that cortex XDR takes atleast one month to learn behaviour and then not throw similar alerts.
1. On what basis is this behaviour learning happening upon?
2. Is it based on just the Host or initiator processes that are taking place?
3
...
I tried
$payload = '{"request_data" : {"search_from" : 0,"sort" : {"field" : "last_seen","keyword" : "desc"},"filters" : [ {"field" : "endpoint_id","value" : [ "connected", "connected" ], "operator" : "lte"}, {"field" : "endpoint_id","value" : [ "co
...
Hello,
Is there a limit to pull data from XDR through API?
I understand that query through API has limit but what if we are pulling endpoint information/alerts/incidents through it?
Hello,
Where can I find the agent cleaner file for agents(servers and workstations) running on 7.7 agent version ?
Anyone else running into this today?
Prevention Information:
Prevention date: Wednesday, February 8, 2023
Prevention time: 1:36:40 PM
OS version: 10.0.22621
Component: Hash Control
Cortex XDR code: C0400055
Prevention description: Suspicious executable
Hello,
Can you please help with documentation or steps on how to uninstall and install Cortex XDR in servers and workstations?
Hi everyone,
I want to know whether we can install Cortex XDR agent on the servers which are hosted in any cloud platform like Azure?
What is the recommended practice for collecting XDR Broker Virtual Machine logs and sending them to a central repository and performing anti-virus scans? I was advised not to install any software on the Broker VM and if I cannot install software on
...
Hello,
I need some advice regarding the "Known Vulnerable Processes Protection" for Linux.
This protection seems to prevent the jetbrains IDE IntelliJ IDEA (version 2023.3 build 223.7571.182) from running because of the Java Deserialisation Protection
Is anyone using the "new API method" R7 references?
https://docs.rapid7.com/insightidr/palo-alto-cortex-data-lake/#New-API-Collection-Method-now-available-as-of-January-2023
Hello,
Is Linux AIX , Solaris and Power Linux compatible with Cortex XDR.
I would like to set a detect rule for the servers which installed the agent in the last 30days. After 30 days, Those servers will be applied for block rule.
The current setting is to select the server in the target and remove it from the target aft
...| Subject | Likes |
|---|---|
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
