Hello,
Can you please help with co- relation rule for detecting one host scanning multiple ports
Regards,
Shashank
Our company's developer is creating a test application, but Cootex is blocking it because it is unsigned. Please let us know how to resolve this.
Hello,
I would like to know about the browser version present in the system. Is it possible to get this detail from cortex XDR console?
Thanks in advance!
Regards,
Sakshi Seth
What I've found in the information available in the Reports of XDR seems to be fairly high level data.
I'm looking to get some more detailed information.
Kind of like what I can get by filtering my Endpoints and manually saving to file.
Is this possi
...
Hi,
There were endpoints that were visible earlier in the console couple of days back but now we are not able to see them.
Also, I can see their latest entries on the agent audit logs
Thanks
Hi All, we are planning to enable the auto-upgrade feature in our environment. One of the questions I was asked is what directory does the package get pushed to and installed from?
For example, does a package get pushed to C:\Windows\Temp and then
...
Hello
How can we perform agent upgradation on VDI pending logins servers in cortex xdr?
Cortex XDR
By compliance, we need to set periodic endpoint scans. We have several endpoints which have network shared folders in common, and we wouldn't like to scan the same network shared folder several times at the same time. We would like to kno
...
I tried to activate syslog collector applet in Broker VM but the connection status goes from connecting to connection failed/error. Kindly help if you have troubleshooted this issue.
Cortex XDR
Hello,
I know this migth not easy to answer, but I'm going to take my chance anyway.
Are there any incident best practices for (each) Cortex XDR detector documented ? For example what a certain detector means, what the best thing is to do in this case,
Hello community, does anyone have more information pertaining to Ransomware Protection (Protection Mode) between "Aggressive" vs "Normal"?
From what I understand is that aggressive mode will have decoy files being created on the local machine.
is it possible to create a query to detect a specific java injection process?
Regards,
Shashank
Why does cortex XDR increase cpu usage ?
And after agent upgradation does cpu usuage increase?
what all other factors are there for high cpu utilization because of cortex xdr?
Hello dear community,
I'd like to make the Disk encryption visibility module visible to our trainee. How is it possible, I couln't find any possibility.
BR
Rob
Hey dear community,
Threat actors often rename apps. Like a.exe instead of anydesk.exe. But they do not change the versioninfo.
https://www.youtube.com/watch?v=oMAvSpq9fYY --> Minute 37
Is it possible to track this with cortex xdr pro?
BR
...
reaper
on:
NGFW User-ID and Terminal Server (TS) Agent Self-Signed Certificates expiration
