- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-01-2018 01:52 PM
No, Pathfinder uses an agentless endpoint analysis service, running its own code on suspicious endpoints to collect information about running processes on the endpoint and determine if the processes are malware or greyware.
06-28-2022 01:49 AM
Which services are required when Pathfinder examines devices on the endpoint?
06-28-2022 05:32 AM
Pathfinder™ requires an optional component integrated with the Broker VM that deploys a non-persistent data collector on network hosts, servers, and workstations that are not managed by a Cortex XDR agent. The collector is automatically triggered by Analytics type alerts with a severity of High and Medium as described in the Cortex XDR Analytics Alert Reference, providing insights into assets that you would previously be unable to scan. Information is available here.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!