Cortex XDR

Cortex XDR

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.

Welcome to the Cortex XDR resource page. Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place. On this page you can engage in Cortex XDR discussions and review helpful resources dedicated to Cortex XDR.

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author	Topic	Views	Replies
K.Su281488 03-22-2025	cortex XDR 自動佈署到企業內所有電腦我想詢問有無工具或是工具可以在公司內部網段偵測沒有安裝XDR的設備然後透過管理介面或是工具佈署agent posted in Cortex XDR Discussions	30	0
R.Tuyub 03-21-2025	Malware Scans Hello community.Do you know what the “scanning complete” column in the malware scan results refers to? I see that in the values it shows 3 folders, do... — Read more posted in Cortex XDR Discussions	86	2
VarunPitale 03-21-2025	BIOC Rule Through XQL vs Builder Here is my BIOC Rule using XQL. dataset = xdr_data \| filter event_type = ENUM.FILE \| filter agent_hostname = "XXXXX"\| filter action_file_path = "D:\X... — Read more posted in Cortex XDR Discussions	50	0
WMartini 03-20-2025	Feature Request – LLDP/CDP Support for Network-Based Endpoint Discovery I would like to request a new feature for Cortex XDR that enables it to collect network information using the Link Layer Discovery Protocol (LLDP) and... — Read more posted in Cortex XDR Discussions	146	2
DuncanGM 03-20-2025	Modification of default scoring for Alert-->Malware--Suspicious Executable Detected I am looking for a way to modify the severity score for the alert in category Malware, named Suspicious Executable Detected. By default, this stamps t... — Read more posted in Cortex XDR Discussions	146	2

Articles

Cortex XDR CS Newsletter June 2024

06-13-2024 — Don't miss our monthly announcements, How-to Videos, and latest blogs in the Customer Success What's New Newsletter! — Read more

Labels: Cortex XDR XDR Newsletter
1830 published by rtsedaka in Cortex XDR Articles
06-13-2024 edited by rtsedaka

Cortex XDR CS Newsletter May 2024

05-09-2024 — Read all the latest and greatest from Cortex XDR Customer Success! — Read more

Labels: Cortex XDR XDR Newsletter
1795 published by rtsedaka in Cortex XDR Articles
05-09-2024 edited by rtsedaka

Cortex XDR CS Newsletter April 2024

04-10-2024 — April 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us for a Customer Success webinar series, Alert Tuning, starting on April 24! You may register below for the series in advance. Register here: Part 1 | Part 2 Symphony 2024: AI and Automation Come see where security operations are heade... — Read more

Labels: Cortex XDR XDR Newsletter
1869 published by rtsedaka in Cortex XDR Articles
04-10-2024 edited by rtsedaka

Cortex XDR CS Newsletter March 2024

03-18-2024 — March 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for the last part of the webinar series: Parsing & Correlation Rules - Improving Application Security with Correlations. Register here: Part 3 Investigation and Threat Hunting Virtual Workshop Calling all custome... — Read more

Labels: Cortex XDR
2088 published by rtsedaka in Cortex XDR Articles
03-18-2024 edited by rtsedaka

Cortex XDR CS Newsletter Feb 2024

02-16-2024 — February 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for Part 2 of the webinar series: Correlation Rules - the core of detection. You may review the recording for Part 1 in the On-Demand section below Register here: Part 2 | Part 3 Investigation and Threat Hunti... — Read more

Labels: Cortex XDR
2180 published by rtsedaka in Cortex XDR Articles
02-16-2024 edited by rtsedaka

Blogs

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability

07-15-2024 — On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers (sshd) on glibc-based Linux systems. This vulnerability, called RegreSSHion and tracked as CVE-2024-6387, can result in unauthenticated remote... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR CVE-2024-6387 OpenSSH RegreSSHion Remote Code Execution SSH threat brief
15655 by rtsedaka in Community Blogs

Introducing the New Cortex Shellcode AI Protection: A Precision AI-Driven Module

07-15-2024 — In this write-up, we will dive into the realm of shellcode and examine how our AI-driven approach is once again raising the bar when it comes to threat detection and prevention. — Read more

Labels: Cortex Cortex XDR Precision AI shellcode
3430 1 by rtsedaka in Community Blogs

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)

07-03-2024 — ith the ever evolving threat landscape, security operations teams require a new level of efficiency to protect their organizations. The latest release across Cortex products aims to solve a diverse set of challenges in security operations, all whi... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR XDR Xpanse XSIAM XSOAR
5105 by GonenFink in Community Blogs

Palo Alto Networks Excels in MITRE Managed Services Evaluation

06-25-2024 — Palo Alto Networks Unit 42 is a leader in MDR, delivering MTTD twice as fast as the average participant and leveraging the industry’s best XDR technology. — Read more

Labels: Cortex XDR XDR
1724 by rtsedaka in Community Blogs

Forrester Names Palo Alto Networks a Leader in XDR

06-11-2024 — Today, we are excited to announce that Cortex XDR has been recognized as a Leader in The Forrester Wave™: Extended Detection and Response (XDR) Platforms, Q2 2024. — Read more

Labels: Cortex XDR XDR
2527 2 by GonenFink in Community Blogs