Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
If I change a laptop's malware profile from having quarantine features enabled to disabled do the files in quarantine get released?
Hi everyone,
has anyone tried to execute a program in an endpoint from live terminal? I mean, when you are in the endpoint you can use a command like c:\notepad.exe in cmd and it opens notepad, I want to do the same but from the live terminal, I t
...
Hi All,
I have recently upgraded cortex XDR agent 7.9.0.17288 on few endpoints. After the successfull upgrade, i saw the endpoints which were upgraded with new version got removed from existing dynamic group. Those are still member the same group i
...
How do i put a Folder on a Mac-Client in the Malware-Policiy-Profile into the Allow-List?
For Windows-Clients, thats no big Problem, the Path always gets delivered with the Incident, but for Mac, the Path does not seem the Case, or, at least, i cannot
Hello,
We intend to perform scheduled scanning on all endpoints. So we wondered if active scanning was required on all endpoints repeatedly, or if cortex developed its own scan whenever a new file was created or added to the system.
Hey everyone,
We're having some issues with the most recent Agent Version on MacOS (7.9.0.2505).
When some of our clients were upgraded to this version they suddenly lost internet connectivity. The only thing that worked for them was to remove Co
...
Hi everyone,
Can we allow/block the file hash for a particular endpoint instead of allowing/blocking the file hash on all the endpoints?
Regards
Hello dear Livecommunity,
as you know, Cortex XDR is a very powerful peace of software and I am happy to use and administrate it.
But I never doubt about coverage of the mitre attack patterns and I am a little bit upset, we need to get through th
...
Hello folks.
How we can forward Cortex Agent logs from Broker VM to SIEM systems?
[agent] ====> [Broker VM] ====> [SIEM]
Cortex XDR
I want to add palo alto firewalls to cortex xdr do I need to add only panorama or do I need to add
Indvidual firewalls to get alert
do i need to use firewall mgmt. ip or panorama mgmt. ip
we have more than 300 firewalls split into HWAN and LAN MFG
...
During initiating the malware scan on connected endpoints suppose the system moves to disconnected state for few days and the scan status starts showing in progress now. Could you please let us know the duration of the malware scan is applicable for
...
Hello,
While initiating malware scan through policy, for certain endpoints the scan is not getting initiated, and the scan status is "None". How can this be resolved?
Hi Expert ,
How to check endpoint has no agent and integrate edl with NGFW when found endpoint
Now , I have try to create python script to get all endpoint but not have idea to check endpoint has no agent
Thank you
Hello,
We are running periodic scan on all endpoints . During this scan few files has been detected .We have got confirmation that some of the files are legitimate and it's being used in infra.
Can you please suggest in providing what is the best
...
Dear All,
We are trying to understand that, there are certain applications installed on a host by using the below query. preset = host_inventory_applications
|filter endpoint_type = "AGENT_TYPE_WORKSTATION"
|filter application_name in("Application A"
reaper
on:
NGFW User-ID and Terminal Server (TS) Agent Self-Signed Certificates expiration
| Subject | Likes |
|---|---|
| 1 Like | |
| 1 Like | |
| 1 Like | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |
