Security Operations

Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.

Browse the Community

Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

2282 Posts

Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

1216 Posts

Cortex Xpanse Discussions

Cortex Xpanse builds a system of record that is the authoritative source for an organization’s global Internet assets; it knows your attack surface so you can own it before someone else.

9 Posts

Cortex XSIAM Discussions

Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across cloud and enterprise security operations, providing true end-to-end management of threats wherever they originate.

76 Posts

Activity in Security Operations

Where is the XSOAR 8 CLI Reference?

In the XSOAR 8.x documentation there are examples of CLI commands, including Integration commands, system commands, and information about how to escape specific characters.

However, try as I might, I can't seem to find an authoritative XSOAR CLI refer

...

mattem by L1 Bithead
  • 39 Views
  • 0 replies
  • 0 Likes

RedHat 8/9 XDR client count limited

As I have added clients to my XDR Linux group I have seen a situation where I hit a limit on client count (under 20 BTW). After I have them all added there will be 2 or 3 missing. If I restart the process on a missing client, that one immediately app

...

Cortex Broker Mapper scans

We’re experiencing an issue with Cortex brokers related to the network mapper.
When we run network scans using the "ICMP Echo" flag, the scan completes successfully and everything works as expected.

However, when performing a "TCP SYN" scan on the foll

...

tlmarques by L4 Transporter
  • 178 Views
  • 3 replies
  • 1 Likes

Resolved! Cortex XDR Windows 11 ARM64 Support?

Is there a plan or timeline for XDR being supported on Windows 11 with ARM64?

I have a customer getting the error message "this version of Cortex XDR can be installed only on x64 architecture systems, please use the appropriate installation package."

pdysart by L1 Bithead
  • 3479 Views
  • 8 replies
  • 1 Likes

Linking Issues to Cases with Command

Hello Livecomm, 

I am trying to link an issue to a case using CLI/automation or similar. Right-clicking on an issue allows me to assign it to a case, but I have not found an option to do this programmatically. I have tried using the link incident and

...

XDR Analytics Data source

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/BitLocker-key-retrieval https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Exchange-mailb

...

Resolved! Creating a Custom Issue For a Case

Hello LiveComm,

I have created a custom case with a single Issue for a Use-Case.

I want to create more issues with a command or script in this custom case which will eventually be a playbook task.  How does one do such an action?

Many thanks,

MSysec

...

Broker-VM disconnect alert notification

Hi All,

Any idea how I can generate an alert when a broker-vm gets disconnected?

Has anyone managed to create a correlation rule that will alert if a Broker-VM gets disconnected from XSIAM?

The XSIAM documentation states that 'To help you monito

...

PA_nts by L3 Networker
  • 84 Views
  • 1 replies
  • 0 Likes