Cortex XDR
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.

Welcome to the Cortex XDR resource page. Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place. On this page you can engage in Cortex XDR discussions and review helpful resources dedicated to Cortex XDR.

Discussions

Author Topic Views Replies
06-06-2023

Cortex XDR Block List isolating machines

Hi all, I'm running into this issue where some personnel do not want to add malicious hashes to the XDR block list as it will isolate the machine. A...

posted in Cortex XDR Discussions

31 0
06-06-2023

Custom XDR query to show a user login and log out daily

Hi, I'm trying to find a good query to pull not only the user login time but also a user logout in AD/AZ AD. I've been able to get the login data easy...

posted in Cortex XDR Discussions

35 0
06-06-2023

API IOC Upload - Invoke-WebRequest : 413 Request Entity Too Large nginx

Hello dear community, I am uploading some IOCs (about 300k). Where are the limitations? I can see PA is using nginx, but I can't find any informati...

posted in Cortex XDR Discussions

44 1
06-05-2023

Help creating a Cortex XDR alert when a user is added to a privileged group in Active Directory

Hello, I am looking to create a Cortex XDR alert when a user is added to a privileged group in Active Directory. I can get the alerts when a user is ...

posted in Cortex XDR Discussions

67 1
06-05-2023

Check Cortex XDR Agent status

Is it still possible to check the status of Cortex agent in registry? I want to check the status on the client side periodically. I know it is possibl...

posted in Cortex XDR Discussions

91 3

Articles

Cortex XDR PoC: Software Installations Blocking

01-02-2023 — Let's walk through a PoC of using Cortex XDR to block software installations (.msi and .exe file extensions) in a test environment.

Labels: Cortex XDR Learning
4049 3 1 published by in Cortex XDR Articles
02-15-2023 edited by

Cortex XDR Global Analytics & Supply Chain Attacks

07-05-2022 — Read this instructive article about Cortex XDR Global Analytics and how it protects against supply chain attacks. We invite you to watch our cust...

Labels: Cortex XDR Learning
2154 published by in Cortex XDR Articles
09-16-2022 edited by

Blog Spotlight: Playbook of the Week: Automating Cortex XDR Investigation and Response in Cortex XSOAR

05-31-2022 — Automating XDR Investigation and Response Learn how SOC teams can utilize the best of both XDR’s extended endpoint threat detection and response with XSOAR’s workflow automation, orchestration, and...

Labels: Cortex XDR Cortex XDR Best Practices
2330 1 published by in Cortex XDR Articles
08-18-2022 edited by

SYMPHONY 2022: Watch the security operations summit on-demand!

05-15-2022 — SYMPHONY 2022 Watch the instructive sessions on-demand by clicking here: Symphony 2022 Learn more about Cortex XDR future events by visiting our event page

Labels: Cortex EVENTs Security Operations
1959 published by in Cortex XDR Articles
05-31-2022 edited by

Cortex XDR Postman API Collection

10-26-2021 — Simplify each step of building an API and streamline collaboration so you can create better APIs faster with Postman.

Labels: API Collection Cortex XDR Postman
3958 3 published by in Cortex XDR Articles
12-15-2022 edited by

Blogs

Cortex XSOAR: CVE-2023-23397 - Microsoft Outlook EoP

03-21-2023 — As part of our Rapid Breach Response program, we developed a pack that handles Microsoft Outlook EoP CVE-2023-23397 vulnerability in Cortex XSOAR.

Labels: blog Cortex XDR Cortex XSOAR
2115 by in Blogs

Palo Alto Networks Named a Visionary in 2022 Magic Quadrant for EPP

03-03-2023 — Palo Alto Networks is honored to be recognized by Gartner® as a Visionary in the 2022 Magic Quadrant™ for Endpoint Protection Platforms (EPP).

Labels: Cortex XDR
1061 1 by in Blogs

How to Use Cortex XDR to Monitor Cryptojacking Malware

02-15-2023 — Read this article to learn how to use Cortex XDR to monitor how the malware known as Adylkuzz, a cryptocurrency miner, behaves when it is allowed to run freely on an endpoint.

Labels: Cortex XDR
2269 2 by in Blogs

The Cortex UX Research Lab Is Seeking Participants

01-11-2023 — Announcing the Cortex UX Research Lab, an opportunity to participate in UX research and development for current and future Cortex products.

Labels: Cortex Cortex XDR Cortex XSOAR Customer News
3093 3 by in Blogs

XSOAR 8: Re-Architected for Performance, Scalability, and Reliability

01-06-2023 — XSOAR 8 offers the benefits of tight integration with the industry-leading Cortex Platform and its other cybersecurity products.

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSOAR
2954 by in Blogs

Videos

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.