XDR Shadow Copy use case

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

XDR Shadow Copy use case

L0 Member

Could someone please share any related documents or use cases for the Shadow Copy in XDR? We have gone through the Administrative guide, but we were unable to find many details about how it works. Additionally, we would like to know how we can backup the data if an endpoint gets infected.

Cortex XDR 

 

 

4 REPLIES 4

L3 Networker

Hi YadnyayeePawar,

 

The use case is to allow our customers the ability to turn on automatic backups from XDR to ease the stress associated with managing backup tools when dealing with ransomware cases and to improve your security posture. 

 

Please review LIVEcommunity - Cortex XDR How-To Video: What's New in 3.8 which provides an overview of the feature.

 

If you found this answer helpful, please select Accept as Solution.

 

Thank you

If you found this answer helpful, please select Accept as Solution.

We have already gone through these documents, and we would appreciate it if anyone would provide us with proper documentation on how shadow copy works and if there are any use cases available. 

L1 Bithead

In the video mentioned by @jtalton it is said that "The backup is created only for files, it is not a restore point".!

But this is an absolute need.

L2 Linker

Using this setting we are only enabling the windows functionality which is shadow copy (VSS) and in mac it is Time machine.

If during any malware or ransomeware if a file is affected, you have capability to restore that file using xdr console from remediation suggestion of the incident.

  • 1410 Views
  • 4 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!