Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
Hello,
How Legacy Exceptions are different from Policy/profiles in Policy management.
Hi,
Hi have this personal computer which I used for work several years ago (5). I started working for another company and stopped using this computer for work stuff.
Recently, about a year ago, I started using it again for all kind of things (str
...
Hello everyone,
I need your help because I want to create a BIOC deletion rule, I have the hash, the username and the path but I would like this deletion to be effective during a specific time slot, can it be configured?
Hello,
We have noticed that the user can simply exit the XDR on the system tray. Is there any way to block the exit button with admin rights or any way possible to avoid stopping the app?
Hello,
i know that i can block specific files in cortex but i am looking for a solution how i can block only .exe files in Users download folder.
In the Malware Profiles i can see that there is only a allow list where i can write single filenames t
...
In a document provided by my company some time ago, we were asked to install Traps on our personal computer, however, I found that it blocks certain programs(video game) when I'm not working. It seems it's not possible to uninstall this and a supervi
...
Hello,
What exactly is the use of the feature called active assets and active managed assets in the IP ranges section under the Network configuration module.
Hello dear community,
what is your expirience with slow applications when printing, saving documents (not responding) on a terminal server?
Yes, there are over 30 users on it and it was a bit slow before cortex xdr pro rollout. But now it is terri
...
Hello,
1. If we create a policy related to scanning of endpoints and apply that policy in all the machine and run it on all the machine at the same time. Is it this method possible? Will it create any issue?
2. Pop up messages to users for malicious
Hello,
Currently we are trying to create a query that gives us the result if the user has executed Sudo command and then right after executed the cd command. Is it possible to write a query that searches for commands executed one after the other?
...
Hello,
We are trying to create a quarantine policy for machines that are not connecting to the console, so we are checking if NAC solution can fetch these details and based on that policy can be created. And also, where (file path or file name) can w
...
Hi All,
Is it a good idea to enable the XDR host firewall to manage all endpoint communication? or is it better to keep the default windows firewall enabled without using the XDR firewall?
I would be happier if someone suggests any article/docume
...
We received couple of alerts on rare iptable delete command.On checking the host activity, we could able to observe all commands including newly entered command in the host machine but not able to see the iptable delete/flush command in the activity
...
Hello dear live community!
We are now at the step where we connect some Servers to Cortex XDR which should not connect directly to the Internet.
In the first mind we talked about the Tier 0 server. Today I was asked why we cannot bring all the se
...
I am working on the integration between CDL and R7 IDR SIEM and this is not working. I don't get pass the test connection on CDL.
https://docs.rapid7.com/insightidr/palo-alto-cortex-data-lake/
https://docs.paloaltonetworks.com/cortex/cortex-dat
...
