Dear All ,
Once XDR taken action on a set of files which seems to be suspicious . Apart from Wildfire verdict , its also shows XDR action like Detected , Prevented (blocked ) .
How can I confirm Actual Action by XDR is Quarantine / Cleaned / Del
...
Hello everyone,
does anybody know if the Cortex XDR agent for Linux systems is officially certified for SAP HANA environments (Redhead) ?
Are there any documentations about this? Haven´t found anything to this.
Thanks and regards,
Tobias
Hi All, looking for some help here... We recently added some new team members and they have somewhat limited access to the Cortex XDR Console.
The one thing I'd like them to have is access to report a verdict as incorrect. I can't seem to find any
...
Cortex XDR
While installing Cortex agent 5.0 on windows 8.1, we are facing this issue.
pls help on it...
Hello Team,
Can you help with below queries
Hello
Is there any solution to export the allow list in prevention profiles?
For an example the malware profile?
I already checked in XQL.
Found no dataset where these informations could be exist.
Anyone any suggestions?
Cheers
Tobias
Dear community,
I would like to block connections to specific domains using BIOC,
but I found that the "Add to restrictions profile" button is missing when right-clicking on a BIOC rule.
Why is there no such button? Alternatively, is there any way to
DTRH: CIS Benchmarking
3rd Party Data Ingestion | Data Parsing | Widgets & Dashboards
Overview
In this DTRH we will look at adding valuable data into XDR from
...
Hello,
Looking to set up FIM using the Cortex XDR agent and from what I have found so far, it seems unsupported. Has anyone set up FIM using any method?
The only possible option I have found so far is maybe using an auditbeat with the FIM module:
...
Hey dear community,
is Cortex XDR Pro using the base from the https://www.loldrivers.io/api/drivers.csv list? I am asking because I could build my own IOCs from this list and I want to know if it is necessary.
BR
Rob
Hello, experts,
Found out the Device control which can be temporarily allowed to my USB device when my EP is connecting to the Internet/XDR Portal.
Just wondering if we could temporarily allow the USB without (the EP) connecting to Portal?
Thanks,
S
...
Hello dear community,
we had a nice expierience today with a FP (IOC, IP). We got about 2000 E-Mails and there were more than 5000 alerts, so Cortex auto disabled the IOC. So far, so good.
In our case it would have made sence to reduce the tresho
...
Hello,
We are using Pro Per Endpoint license.
Is that possible to integrate Third party security solution with Cortex XDR.
If it is Yes, Which tool we can integrate as a best practice.
Hello,
Hi Team,
Is there a possibility to block specific external domain ip addresses via the cortex xdr host firewall?
