05-31-2024 12:26 AM
Hello All,
We are initiating the migration process from cortex xdr to crowdstrike, so can we put the cortex xdr in passive mode.
Regards,
Sakshi Seth
06-05-2024 11:41 AM - edited 06-05-2024 11:45 AM
that should depend on what you mean by migration to CrowdStrike. EPP or EDR?
Crowdstrike is cloud native EDR. The EPP is afterthought. Be more specific
If you aren't going all in with the Cortex Pro (EDR/XDR), don't give up the Cortex "Prevent" (EPP) on the host. One informs the other. As long as its there you can always switch back. flipping the script so to speak and 2 sources of intel is better than 1. As former McAfee ATA Ive built the technology platforms in a few flavors but I personally like the Cortex Prevent EPP and Defender EDR (Passive). I like it for what it is.. Metrics for the crew and telemetry for troubleshooting. If i had a crew of analyst or at least one good one and some money id go all in on the Palo XDR platform. Shiny toys get dull if you cant or dont use them
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
