This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About zsolomon
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About zsolomon
05-30-2023
5Posts
3Likes
1Solution
May 30, 2023Last Visited
User
Activity
User
Profile
Latest posts by zsolomon
| Subject | Views | Posted |
|---|---|---|
| 1651 | 07-11-2021 08:34 AM | |
| 1492 | 07-11-2021 04:10 AM | |
| 2510 | 06-16-2021 04:09 AM | |
| 2893 | 06-16-2021 03:50 AM | |
| 7384 | 04-27-2021 11:33 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 06-16-2021 03:50 AM | |
| 2 Likes | 04-27-2021 11:33 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 2 Likes | |||
| 2 Likes | |||
| 1 Like | |||
| 6 Likes |
User Badges
Community Statistics
| Member Since | 10-18-2020 12:49 AM |
| Date Last Visited | 05-30-2023 04:28 AM |
| Posts | 5 |
| Total Likes Received | 3 |
07-11-2021
08:34 AM
@Stephane.B wrote: Our customer is requesting to see if the Cortex XDR protects against the GootLoader vulnerability. Anyone have any idea? Hi Stephane, Assuming you meant "Boot loader" since i am not familiar with " GootLoader". XDR agent will not be able to mitigate CVE-2020-10713 since it does not have Boot time protection. When thinking about it, Attacker can always replace the Boot loader with a vulnerable one so even replacing will not really be a solution. Hope that this answers your question. Best, Ziv.
... View more
07-11-2021
04:10 AM
@Deepak25 wrote: Below announcement applicable to cortex XDR/EDR ? Hi Deepak25, The announcement you shared with us is related to the CDL (Cortex Data Lake), your EDR logs from XDR endpoints are safe and stored. You should pay attention to the announcement "Action Items" and follow the instruction if it's applicable to you. Hope that answers your question and concern, Best, Ziv.
... View more
06-16-2021
04:09 AM
@service-ad wrote: Hi, I am having this problem in a host managed by Cortex XDR , whenever I execute iexplorer.exe or outlook an xdr agent alarm is triggered indicating that it's a Memory Corruption Exploit. Except creating an Exploit profile and excluding this kind of alarm , is there any other solution , has anyone the same problem? Process blocked: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6220 CREDAT:18363609 /prefetch:2 Hi, Sounds like what you need to do is retrieve and analyze, If this doesn't work, solution will be to download the retrieve data and submit for analysis of the issue by the Support team. They can be reached at https://support.paloaltonetworks.com/. I hope this helps,
... View more
06-16-2021
03:50 AM
1 Kudo
HI Carracido, The answer will be two parts since i am not sure which one you meant: 1. In XDR Pro you can use XQL to build queries, My advice will be to either use a specific name if there is one or search for files from a specific extension. 2. Since XDR does not look into files, there is no way to know if the file is password protected. I hope this helps.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-30-2023
04:28 AM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks