Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 1478 Views
  • 0 replies
  • 3 Likes

Detect user who moved a folder using XDR and XQL

Hi everyone,

I need help identifying which user moved a specific folder from a network share to another location. The only information I currently have is:

  • The old folder path (e.g., \\server\share\oldfolder)
  • The new folder path (e.g., \\server\users\
...

tlmarques by L4 Transporter
  • 407 Views
  • 1 replies
  • 0 Likes

HELP With XQL Query to fetch All Assets

Hello Everyone, 
I want to fetch all assets from asset inventory using XQL query but I am unable to find a suitable dataset for it. Can someone please help with XQL Query to fetch all the assets. 

 

Thank you 

 

Cortex XDR 

Resolved! Exclusion process cortex?!

Hi,

How can I create an exclusion in Cortex XDR to stop it from scanning a specific executable??

We have a critical software in our company, and we've noticed that Cortex is constantly analyzing it, causing the machine high CPU and MEM.

How can we excl

...

tlmarques by L4 Transporter
  • 2642 Views
  • 4 replies
  • 0 Likes

Resolved! Cortex XDR file quarantine

Hi Team,

 

i have two general questions,

 

1-can i delete a file from multiple endpoints but with different paths from the action centre?

 

2- i understand that cortex can quarantine a malicious file but is there an option to delete it without my int

...

O.Asha by L0 Member
  • 684 Views
  • 1 replies
  • 0 Likes

Excluding Pentera Box

I am looking to make an exclusion or suppression of some sort for alerts generated by our Pentera Security Validation Tool. I have a SSL certificate loaded into Pentera so I can filter by that certificate if I can. However for the Vulnerability Scans

...

Configuring Exceptions for Different Modules

Hello guys

 

I need to add exceptions for Windows HyperV servers.... and I have 2 questions:

 

Question 1

 

I need to add exceptions base on extensions...*.bin, *.vhdx, *.avhd.... etc, and exceptions base on process for instance Vmms.exe, VMwp.exe...

...

dhervasg by L0 Member
  • 569 Views
  • 3 replies
  • 0 Likes

Problems updating the agent

Hello colleagues!

 

I'm having trouble updating my agents to versions 8.7 and 8.8. The current versions are 8.5 and 8.6.

 

When performing the update, the following error appears:

 

"The content package was faulty or could not be downloaded."

 

Check

...

C.Labra by L0 Member
  • 668 Views
  • 1 replies
  • 0 Likes

content update issues on XDR 7.9CE

Hi everyone. 

 

Have anyone had issues with 7.9CE version about the content updates? I mean, the agents are not downloading the  CUs. I even tried to install the agent on a win 7 VM and it installs indeed but doesn't download content updates. It is w

...

MarcoMJ by L1 Bithead
  • 529 Views
  • 1 replies
  • 0 Likes

User Message on IOC trigger

Hi,

 

We have enabled user notifications in agent profile settings, when an event like malware detection occurs it is displayed to the user immediately. However, it does not show a notification for an IOC. Can we make a message appear for an IOC even

...

Toutrial: Detecting Tor Traffic in XSIAM

Hi Everyone, 

 

Some members in the community have recently been exploring ways to detect Tor traffic within their environments. I’ve spent some time working on a solution to this challenge, and I wanted to turn that work into a dedicated post so mor

...

A.Elzedy by L2 Linker
  • 744 Views
  • 2 replies
  • 0 Likes

Repeated False Incidents with Unknown Verdicts

Hi everyone,

I’m currently facing an issue with Cortex XDR where I regularly receive incidents flagged as suspicious,

 

This particular one shows:

  • WF (WildFire) Verdict: Unknown

  • VT (VirusTotal): 0/64 detections

Every week, I keep seeing similar in

...

  • 2441 Posts
  • 88 Subscriptions
Top Solution Authors
Top Liked Authors