Bitlocker Encryption Status Only

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Bitlocker Encryption Status Only

L2 Linker

I was reading about the new Bitlocker functionality in the new release. We have Bitlocker already deployed in the organization and would like to know if I could use the CortexXDR console as only a "view" or status into the status of Bitlocker on already deployed machines? I am not wanting to control/configure Bitlocker from the CortexXDR console. 

 

Is this possible?

 

Thanks

1 accepted solution

Accepted Solutions

Hi @hhiggins -

Can you please browse to Endpoints > Disk Encryption Visibility and let me know what shows up for you.

dfalcon_0-1587695331787.png

 


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 

View solution in original post

8 REPLIES 8

L4 Transporter

Hi there-

 

I haven't tested this, so I'm going to reach out to the Product Manager of this feature to inquire.  In the meantime, here is the published process:

 

https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/endpoint-security/harde...

 

I expect to have a direct answer to your question within the next 24 hours. 


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 

Thanks @dfalcon. I have been through that document prior to posting. I wasn't clear what, if anything, I needed to do for my use case. I will wait to hear back from you if this is even possible.

 

Thanks

Hi there-

 

I inquired about configuring Bitlocker outside of Cortex XDR, but viewing the encryption status inside of Cortex XDR.  To quote the Product Manager responsible for this feature:  "Yes, that is correct... we will show each drive and its encryption status."  

 

That being said, I'm going to try to and configure this in my lab today or tomorrow (depending on work schedule) to take a look.


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 

Thanks @dfalcon! Looking forward to your update.

Hi @hhiggins -

Can you please browse to Endpoints > Disk Encryption Visibility and let me know what shows up for you.

dfalcon_0-1587695331787.png

 


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 

I see bitlocker information as you do in your screenshot! When I looked before posting it was empty I swear 🙂

 

Thanks

That's great to hear!


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 

Hi @dfalcon   In this scenario would Cortex have access to the backup recovery keys and would we have the ability to retrieve them and use them? 

  • 1 accepted solution
  • 7951 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!