Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4397 Views
  • 0 replies
  • 3 Likes

Exception and exclusion tips & tricks / best practices

Hello, I'm looking for best practices or guides on how to add exceptions and exclusions in Cortex XDR. All I found was this LIVEcommunity video - https://www.youtube.com/watch?v=dlbxibEtxR8, but it was added before Disable Prevention Rules was available. I think this feature changes a lot regarding this topic. What do you recommend using and...

Resolved! Find file hash sha256 when I know the filename

Hello team, Hopefully someone can help me with my problem. I have a list of application names from Host Insights but I can't find the sha256 of the files anywhere. I need to investigate them to see if they are malicious or not. I used the following query but it doesn't return anything: "dataset = xdr_data |filter action_file_name = "fil...

Resolved! Vulnerability Assessment Applications / host insights addon

Hello dear community! From my perspective, this documentation brings more questions than answers. It is written there that Cortex does not collect CVEs for applications: "Cortex XDR lists only CVEs relating to the operating system, and not CVEs relating to applications provided by other vendors." Then it's written "Cortex XDR ca...

Cyber1985 by L3 Networker
  • 11554 Views
  • 12 replies
  • 0 Likes

PALO ALTO CERTIFICATIONS

Hello Team, Please help me with the names and links of the certificate and training links for all the certificates offered by Palo Alto related to Cortex XDR, Prisma Cloud and SoC along with the cost of these certificates. Thank you in anticipation. Regards, Shashank Sinha

Resolved! PortableApps - Block all

Hello, I would like to know if anyone has ever blocked portable applications... We would like to block PortableApps (PortableApps.com)... without blocking them one by one, as there are many. Has anyone ever blocked them using a wildcard in the process name? I know it's not entirely secure to block solely based on the process name, but it would ...

tlmarques by L4 Transporter
  • 2438 Views
  • 1 replies
  • 0 Likes

Can XDR replace Trend Micro Deep Security

Hi Team, Our client has both Trend Micro Deep Security and Cortex XDR installed on their servers and is evaluating the feasibility of just keeping the XDR. Trend Micro has the following modules on them, kindly let me know if XDR also has these: Anti-Malware, Web Reputation, Intrusion Prevention. Thanks, Shahwaz

Cortex XDR opt disk space issues

Hello Team, Is anyone else also facing issues with the opt file system where the Cortex XDR directory is consuming a lot of space and getting full? How can we remove or free up space for the Cortex XDR directory in opt? There are multiple use cases where the opt file system is allotted limited space and Cortex XDR is consuming most of it. Please let ...

Cortex XDR : Run Endpoint Script

Hello Everyone, I have an issue with the action "Run Endpoint Script". I want to trigger an executable file (.exe) through the "Run Endpoint Script" action from Cortex XDR. This executable is used to uninstall a specific software (It is not installed with MSI file, the executable file is the only way to uninstall it). I want to use the endpoin...

Error 1602 on install Cortex Agent

Hi! I have a problem with the installation of a Cortex Agent. I'm installing version 8.2.0.46438 on a W2019 and W2016 Server, but on a few servers the install gets the attached message (I have a lot of other 2016/19 servers running OK). Please if you can help me to resolve this issue. Thanks!

  • 2610 Posts
  • 98 Subscriptions