We are using Cortex XDR Prevent 1) I see many places the word 'rules' and 'rule exception' is used , I assume this option or feature is not available in Cortex XDR Prevent as I do not see it in the menus/blades .I guess its a 'Pro' edition feature . Please correct me . 2) In Cortex XDR Prevent , I had a legitimate batch file which was 'prevented' by Cortex , so I was looking at best way to allow it to run on the host next time , so I added all hashes from ' Key Assets and Artifacts ' for the Incident to Allow list . So fingers crossed . However I see I get one option when I right click on the individual alert ' Create Alert Exception ' , I did not find any documentation about this feature in the pdf admin guide , can anybody explain what this does and is this a better option . The alert source is ' XDR Agent ' and its a 'Behavioural threat ' Thanks in advance
... View more