Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Active Scanning on Endpoints

Hello,

 

We intend to perform scheduled scanning on all endpoints. So we wondered if active scanning was required on all endpoints repeatedly, or if cortex developed its own scan whenever a new file was created or added to the system.

Mitre ATT&CK coverage

Hello dear Livecommunity, 

 

as you know, Cortex XDR is a very powerful peace of software and I am happy to use and administrate it. 

But I never doubt about coverage of the mitre attack patterns and I am a little bit upset, we need to get through th

...

RFeyertag by L4 Transporter
  • 1384 Views
  • 2 replies
  • 0 Likes

Broker VM & SIEM

Hello folks.

How we can forward Cortex Agent logs from Broker VM to SIEM systems?

[agent] ====> [Broker VM] ====> [SIEM]

 

 

Cortex XDR 

CORTEX XDR

I want to add palo alto firewalls to cortex xdr do I need to add only panorama or do I need to add 

Indvidual firewalls to get alert 

do i need to use firewall mgmt. ip or panorama mgmt. ip 

we have more than 300 firewalls split into HWAN and LAN MFG

...

Query regarding malware scan

During initiating the malware scan on connected endpoints suppose the system moves to disconnected state for few days and the scan status starts showing in progress now. Could you please let us know the duration of the malware scan is applicable for

...

Whitelisting of Files

Hello, 

We are running periodic scan on all endpoints . During this scan few files has been detected .We have  got confirmation that some of the files are legitimate and it's being used in infra. 

Can you please suggest in providing what is the best

...

  • 2027 Posts
  • 81 Subscriptions
Top Solution Authors