Winget Command

Hello dear Community,

I have the following problem: I can’t use the Win-Get command on the XDR terminal in Cortex. Can someone help me to make this command executable on the PowerShell XDR terminal.

Cloud Identity Engine

Hi Community,

We have integrated the Cloud Identity Engine into the environment. Currently, the Palo Alto Hub page shows the Cloud Identity certificate expiring in a month.

We checked the Palo Alto article https://docs.paloaltonetworks.com/cloud-

AWS CloudFormation preset template for Cortex XDR

Hi Cortex XDR community,

We are trying to set up Cortex XDR to ingest cloud assets from AWS. It mentioned that aws clouldformation stack needs to be created using preset Cortext XDR template. Where this template can be found? Is there a link to dow

Why is the interface of my conter xdr different from everyone's

My brother once activated the XDR interface, but I found that their XDR interface was different from mine when I sought help from the documentation.

my:

People in the community:

Why is that, urgent

XDR Agent 8.5.0.2457 on macos 14.5

Hi community,

After my laptop upgrade to the last version of xdr agent i get the following:

Randomly the system looks as if it's loading and after a few seconds it's back to normal. the machine doesn't crash but the mouse keeps showing the hourgl

XDR Email Alerts json attachment

Is there any way to format the json attachment the comes with XDR emails? It's somewhat annoying to have to use another tool to view the json output since the attachment is not formatted.

Preventing CrowdStrike disaster in Cortex XDR Pro

Hello dear community!

what could we or PA setup in PA Cortex XDR to prevent us from such a disaster which happened to CrowdStrike?

Are there any settings or recommendations which can be shared? 

BR

Rob

XQL search for DOM hash and cryptocurrency wallet address

Hi all,

Anyone knows how to do XQL search for DOM hash and cryptocurrency wallet address in XDR Query search?

Thanks.

Policies without certificate enforcement enabled warning message

Hi Team,

Recently I got a warning message in cortex saying that "Some of your endpoints have policies without Certificate Enforcement enabled". And by checking it further I could see that, this is to increase protection on the agent's communication

Alert "Script Activity - 245655498"

Hello everyone,

I just received this alert "Script Activity - 245655498" with this description "Suspicious script with keywords written in a non-standard way." in Cortex multiple times related to PowerShell script execution on a developer machine.

Tons of receptivity.io

I recently see a lot of my end machine shitting this domain: receptivity.io

Started (I dunno even know, a week ago?) My logs can no longer go far enough back to figure it out.

Cause I dunno, MS edge new tab? To hopefully remove the log entries I