This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Joe_Botelho
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Joe_Botelho
06-02-2023
6Posts
1Like
0Solutions
Jun 02, 2023Last Visited
User
Activity
User
Profile
Latest posts by Joe_Botelho
| Subject | Views | Posted |
|---|---|---|
| 107 | 06-02-2023 02:57 PM | |
| 901 | 05-02-2023 09:21 AM | |
| 893 | 05-17-2022 07:38 AM | |
| 1679 | 05-26-2021 02:59 PM | |
| 5799 | 05-05-2021 05:30 PM | |
| 6021 | 04-21-2021 10:45 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 04-21-2021 10:45 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 02-12-2021 12:04 PM |
| Date Last Visited | 06-02-2023 06:33 PM |
| Posts | 6 |
| Total Likes Received | 1 |
06-02-2023
02:57 PM
Hello All,
I was curious if anyone knew of any BIOC rules that could be used to detect Living Off The Land Drivers in Cortex XDR?
... View more
05-02-2023
09:21 AM
Hello, I received that email as well and understand it is recommended to turn on, but we have a customer that is asking how the Advanced API Monitoring actually works and if there is an operational impact. I recommended testing in a staging environment but that doesn't answer the first question. If this involves process hooking, will a reboot of the system be required? Any other information on this is appreciated. Thank you
... View more
05-17-2022
07:38 AM
Was asked by a user to set up MFA, I can no longer see the option to do so.
... View more
05-26-2021
02:59 PM
Hello, When periodic scanning is enabled, is the time based on the local time of the machine the XDR agent is installed on? Thank you
... View more
05-05-2021
05:30 PM
Thank you for the responses. As a follow up, if a file is on the blocklist already but is given a WildFire verdict and "Quarantine WildFire malware verdict" has been enabled in the applied malware profile, why isn't the file actually quarantined? Is it due to it already being on the blocklist?
... View more
04-21-2021
10:45 PM
1 Kudo
Hello,
Please excuse me if these are very basic questions. I have been trying to find a definitive, written answer and have been unable to, so far.
If
1. Portable Executable and DLL Examination is set to the default of 'block' in an applied Cortex XDR policy,
2. a scan is run on an endpoint using that policy
and
3. a malicious executable is found on that device, why does the alert show as "Detected (Scanned)" for the file?
Is the endpoint protected from that malicious executable?
Based on the default setting, would that file be blocked if it attempted to execute and since it is dormant, it has only been identified during the scan but no action is necessary (other than an alert)?
Thank you for any help with this.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-02-2023
06:33 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks