Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 696 Views
  • 0 replies
  • 2 Likes

XDR Multi tenant MSSP Add on Modules

Does anybody have any details on how add-on licenses (e.g., Forensics, Host insights, ITDR, etc.) work within a multi-tenant XDR environment? Does the add-on license automatically apply to all child tenants or does it have to be assigned? Does everything

...

Unpatched Vulnerabilities Protection

Hi,

I see this written in the Unpatched vulnerability protection module section: "Modify system settings temporarily as a workaround to protect unpatched endpoints from known vulnerabilities".

I have searched but found no details regarding this, can anyo

...

SLS is required for Ingesting NGFW logs?

Hello all,

I have Pro per GB in my Cortex XDR and wish to gain more visibility in Network.
Is it compulsory to have a Strata Logging Service license in order to make this work?
Does the Strata Logging Service license come with my Firewall subscription or do

...

NGFW alerts to Cortex XDR

Hi team,

I have a technical question but could not find the answer in the documentation.
I assume that to ingest NGFW alerts into Cortex a Pro Per GB license is needed. The question is: Is there any way to configure the ingestion of the panw_ngfw_thre

...

XDR 7.6.1 seems to ignore exception

Hi, Cortex XDR Local Analysis Malware module stops a process called "ClientConsole.exe" (I guess it's a false positive)

I've created a global exception for that issue and checked-in client but XDR still blocks this executable.

In client log I read th

...

Faber by L0 Member
  • 2315 Views
  • 2 replies
  • 0 Likes

bulk broker vm modifications

Hello,

we did a tenant migration and for some reason a lot of broker VM settings are still pointing to the old one.

We were wondering if it was possible to change the settings for it in bulk.

Thank you for your inputs.

Liosan by L0 Member
  • 176 Views
  • 2 replies
  • 0 Likes

Resolved! Delay in launching in-house apps

Our users have noticed there is a delay in launching in-house developed apps (20+ apps) for the first time; the delay would take 10-20 seconds. Once the app has initially launched, it would later take 2-3 seconds to launch. The apps are located from s

...

Resolved! Rare Login Query Not Working

Hi team,
I made a correlation query that looks for logins that haven't been seen on the servers in the last 7 days. This filters all successful logins to endpoint type servers.

preset = xdr_login_events | join type = inner (dataset=endpoints | fiel...

a2123k1 by L0 Member
  • 508 Views
  • 1 replies
  • 0 Likes
  • 2269 Posts
  • 86 Subscriptions