Cortex XDR Discussions

Not able to set Proxy for Windows 2012 servers

Hello ,

We are unable to see few servers in our endpoint list. But the user confirmed it has cortex installed in it and is enabled also particularly For Windows 2012 servers we're not able to set the proxy and for some hosts last seen connected dat

...

Agents Intermittently Disappearing in Cortex XDR Then Shows Up

Hi,

Some Agents in Cortex DXR disappears then shows up after few days - no pattern at all

If my understanding is correct, if the Agents are disconnected or there's a connection lost, the Endpoint Status column will dictate it.

But the Agents in q

...

Cortex XDR PoC: Monitoring Malicious Chrome Extensions

PoC Lab: Monitoring Malicious Chrome Extensions

By: @mfakhouri

Executive Summary

With the convenience Chrome extensions provide, such as ad blocking, enhanced web viewing, and improving user experiences, it is no surprise that malicious act

...

Operational status unprotected with error message running without valid content

Related to Cortex XDR

we are observing operational status as unprotected for some endpoints and the error says running without valid content.
But at the same time we also observed some of the agents running on the the latest agent version also having

...

Resolved! A question from the Endpoint Administration Part 2 webinar: Alert ID

We often notice alert_id out of the numerical order, chronologically, sometimes way off. It appears like XDR is detecting something later and assigning an older timestamp but a new alert_id to detection. Can someone provide some detail/explanation on

...

Resolved! Exclusion criteria import

Hi all.

Does anyone know of a way - or a work around for the following situation.

I have a long list (about 700) IPs that I want to create an alert exclusion from. These are external scanners that our firewall blocks and we get a large amount of

...

Pop-up Blocked Alert Not Displaying Blocked File

Hello,

A client received a pop-up blocked alert because a suspicious executable was found on their machine. When the client went to view more details, the executable that was blocked was never displayed in the details information. Why is that? By t

...

Resolved! Not Able to pause Endpoint Protection

Hello ,

There are few endpoints even after clicking pausing endpoint protection .It is not allowing it to pause the endpoints protection .

Resolved! XQL Query - Event logs of a particular host

Hi All,

Can someone tell me how do we query all event logs for a particular hostname using XQL ?

Thanks!!

Cortex XDR

Cortex XDR agents upgrade

Hello everybody,

Is Cortex XDR agents auto upgrade recommended? We enabled agent auto upgrade at the moment. But we worry this can cause some problems in future. Can anybody give suggestions about this situation?

Thanks.

[Network location] - too long to check location

Hi community,

Does somebody is using Cortex XDR - Network Localtion (from agent settings profile).

My problem is that the network location is too long, specifically when users comme back to our office from their own internet connection, internal

...

Install on Windows 10 Enterprise IoT with UWF enabled

Has anyone installed XDR on windows 10 or 11 running UWF. I am assuming I need to exclude some folders to make it work properly? I thought I saw something but not having any luck.

Cortex XDR - New Widget

Hello,

Can we create a widget with regards to endpoint tag and number of agents?

Signer of a file in file operations

Hello dear community,

like I saw, there is no possibility to find out the signer, from files which were only downloaded, moved, etc. but not executed.

Why is this not possible?

BR

Rob

Cortex XDR not detecting malicious files

Hi ,
Why Cortex XDR is not detecting malicious files which are present in system.
for testing purpose I have downloaded a test malware also but it is not reflected after the malware scan.Can anyone please give clarity on this.
Does Cortex detects malici

...

Discussions

Not able to set Proxy for Windows 2012 servers

Agents Intermittently Disappearing in Cortex XDR Then Shows Up

Cortex XDR PoC: Monitoring Malicious Chrome Extensions

Operational status unprotected with error message running without valid content

Resolved! A question from the Endpoint Administration Part 2 webinar: Alert ID

Resolved! Exclusion criteria import

Pop-up Blocked Alert Not Displaying Blocked File

Resolved! Not Able to pause Endpoint Protection

Resolved! XQL Query - Event logs of a particular host

Cortex XDR agents upgrade

[Network location] - too long to check location

Install on Windows 10 Enterprise IoT with UWF enabled

Cortex XDR - New Widget

Signer of a file in file operations

Cortex XDR not detecting malicious files

afficher un message via un script python sur les endpoints isolés

no alerts no incident

Difference xdr_login_events and authentication_story

How to change password expiration for Users in Cortex XDR?

Cortex WIndows ulnerability assessment

Re: Cortex XDR Installation issue for Windows 7 SP1 and Windows 2008 R2 SP1

Re: Cortex XDR Installation issue for Windows 7 SP1 and Windows 2008 R2 SP1

Re: Growth of ARM processors in Windows Ecosystem

Re: afficher un message via un script python sur les endpoints isolés

Re: USB protection exeption for ClickShare usb Device

Unlock your full community experience!

Resolved! A question from the Endpoint Administration Part 2 webinar: Alert ID

Resolved! Exclusion criteria import

Resolved! Not Able to pause Endpoint Protection

Resolved! XQL Query - Event logs of a particular host