This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Security Operations
Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Security Operations
Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.

Browse the Community

Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

2504 Posts

Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

1285 Posts

Cortex Xpanse Discussions

Cortex Xpanse builds a system of record that is the authoritative source for an organization’s global Internet assets; it knows your attack surface so you can own it before someone else.

10 Posts

Cortex XSIAM Discussions

Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across cloud and enterprise security operations, providing true end-to-end management of threats wherever they originate.

127 Posts

Activity in Security Operations

Start a conversation

XQL Query

Can we fetch grouped issues by the help of XQL query. Like if same issues is running again and again in short period of time than that comes with +1 or +2 on console. So can we able to find that +1 or +2 issues which is grouped in a single issues through the help of XQL Query. Cortex XDR

Resolved! Assets -> Network configuration

Hi everyone, Does anyone know if the ‘range names' created in the network configuration of the assets option can be seen in the assets information, or somewhere else, of the issues or cases? Thanks in advance. Regards, J.Risquez

Android Cortex XDR

I want to know how to perform an XQL query for Android devices, where I search by hash and it shows me all the devices that have that .apk with that hash, or I can search by name.

Android Cortex XDR

Does anyone know how to perform bulk queries in Cortex XDR for Android devices? I want it to show me all Android devices that contain a specific hash or that contain the same APK file. Please, I'm open to suggestions.

Resolved! Query for Datasource and related cases

Hi. I try to create report for different datasource which create Cases or issues. i got error > Aggregation by original_tags field of type array is unsupported. when i try to use COMP with original_tags Here is example what i try to do > | filter (`resolution_status` in (RESOLVED_FALSE_POSITIVE, RESOLVED_TRUE_POSITIVE)) //| filter (`res...

T.Nurmi by L1 Bithead
  • 1325 Views
  • 1 replies
  • 0 Likes

KB KB5022661

Hello, Does anyone have a Cortex XDR query to check if any endpoints and/or servers are missing Microsoft KB5022661. Any assistance would be greatly appreciated

Load more
Register or Sign-in
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks