Get-Idea to use API get all endpoint with last seen
Hi Expert,
I would like to get all endpoints with XDR installed, but would like to know the condition for last seen, such as more than 1 month. I use Python.
Thank you
Dear community
When using the Vulnerability Assessment with Linux hosts, the results may include a lot of false positives.
Distributions which are backporting security fixes (CentOS / Debian) may not change the App Version when they get patched.
htt
...
Dear Team,
We wanted to restrict compilers on our environment after a pentest resulted with Compile Payload Source Code Locally, we have common compilers like csc.exe and GCC/MinGW.
We wanted to know how to identify any common suspicious behavio
...
Hi all.
I am migrating from SEP host firewall to Cortex XDR host firewall. I have an existing rule in SEP to allow EAPoL, I need to know how to set up the same rule in Cortex XDR. In SEP, the protocol is specified as "Ethernet" with a protocol type o
...
Need to know if XDR has the capability to perform forensics on an endpoint if a user deleted any files on the computer. If so, how would you go about performing this task?
We're currently receiving email notifications when an agent version goes EOL, however we don't seem to be notified when a new Cortex XDR agent is released and available for creating installation packages. I also can't seem to find a link or method to
...
Hello
I'm looking for an automatisation, where I'm able to download the freshly created xdr-distribution-file.
In my Playbook I've created following steps:
xdr-get-distribution-versions
xdr-create-distribution
xdr-get-distribution-url
Now, the last step
...
Is there any other format to create reports in Cortex XDR other than PDF, like PPT or Word format, as in PDF we are not able to elaborate properly?
Anything that can help better for customer understanding.
Based on what parameter is Cortex XDR removing endpoints under endpoint administrative cleanup?
E.g. if we chose hostname, then will it remove the hostname found first or will it delete the hostname XDR found last checked in?
And if we have 2 mac addresses a
Hello dear community,
For some days now, my alert exclusions do not work anymore and the alerts are popping up. Now I noticed the quotes in the target process cmd.
powershell.exe -command --> before
"powershell.exe" -command --> from now
What has
...
I don't really understand the logic behind PATHFINDER. I installed Broker VM and configured Pathfinder. But I cannot see anything in Pathfinder Collection Center. I cannot find answers to my questions in the documentation. Can anybody please explain about
...
The status of the findings in the incidents overview is currently no longer updated. In the quick view, I see the change, e.g. 'Benign', but the entry in the 'Key Assets & Artifacts' shows still the initial classification. This behaviour has been goi
...
Hi,
Is Cortex XDR supported on AS400 servers?
Kindly provide documentation related to it.
Thanks
Hello,
1. Can we please know the recommended procedure to change the default password for agents.
2. Is it possible to change the password for particular endpoints?
3. Will there be any operational issues or impacts if we perform this activity?
...
Hi all,
I get the data with Cortex XDR API. I couldn't find which field the Activity Time field matches. The closest results are event_timestamp and detection_timestamp, but not all of them are correct.