Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and enabling seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 735 Views
  • 0 replies
  • 2 Likes

Cortex Broker Mapper scans

We’re experiencing an issue with Cortex brokers related to the network mapper.
When we run network scans using the "ICMP Echo" flag, the scan completes successfully and everything works as expected.

However, when performing a "TCP SYN" scan on the foll

...

tlmarques by L4 Transporter
  • 89 Views
  • 0 replies
  • 0 Likes

File upload to open Cloud Applications

Hi Team,

I'm running a test case in uploading test documents to open source Cloud applications.

I was successful, but in xdr_data and Zscaler dataset; the file uploads and file names are being shown as blank or none.

Please let me know

1. if this

...

XDR Analytics Data source

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/BitLocker-key-retrieval https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Exchange-mailb

...

Resolved! Test alerts in Cortex xdr

Is there a built-in way to generate a test alert either from an agent installed on a client machine or through the XDR portal itself?

I currently have an agent ver 7.6.2 installed on a Windows box and I'd like to create a test alert that will be visi

...

Unpatched Vulnerabilities Protection

Hi,

I see this written in Unpatched vulnerability protection module section "Modify system settings temporarily as a workaround to protect unpatched endpoints from known vulnerabilities".

I have searched but found no details regarding this, can anyo

...

XDR CIE

How is CIE configured in XDR MSSP? Is it only on the parent and then shared to child tenants or can it be configured differently on each of the child tenants?

XDR Multi tenant MSSP Add on Modules

Does anybody have any details on how add on licenses (e.g., Forensics, Host insights, ITDR, etc.) work within a Multi tenant XDR environment? Does the add on license automatically apply to all child tenants or does it have to be assigned? Does everything

...

SLS is required for Ingesting NGFW logs?

Hello all,

I have Pro per GB in my Cortex XDR and wish to gain more visibility in Network.
Is it compulsory to have Strata Logging Service license in order to make this work?
Does Strata Logging Service license come with my Firewall subscription or do

...

NGFW alerts to Cortex XDR

Hi team,

I have a technical question but could not find the answer in the documentation.
I assume that to ingest NGFW alerts into Cortex a Pro Per GB license is needed. The question is: Is there any way to configure the ingestion of the panw_ngfw_thre

...

  • 2276 Posts
  • 86 Subscriptions