Cortex XDR
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Cortex XDR

Welcome to the Cortex XDR resource page. Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place. On this page you can engage in Cortex XDR discussions and review helpful resources dedicated to Cortex XDR.

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author Topic Views Replies
05-20-2024

Changing Broker VM's internal network subnet

Hi all Is there a way to change the internal network subnet through other means other than the webui? The default 172.17.0.1/16 collides with the netw... — Read more

posted in Cortex XDR Discussions

26 0
05-20-2024

BIOC Rule - CGO V/S Actor_process_image_name

Hi I wanted to understand, if i want to see certain cmdline activities from "x" Process. Want to know what will be more efficient putting the "x" pro... — Read more

posted in Cortex XDR Discussions

80 1
05-20-2024

Do Bioc rules contribute to an Incident?

Hi I wanted to understand how do BIOC rules contribute towards an incidence, I have seen ABIOC contributing towards an incident

posted in Cortex XDR Discussions

53 0
05-19-2024

Difference between Detected and Detected (Reported)

I need to know the difference between both actions seen in alerts and if it's related to profiles configuratios(Block, Report Disabled). If it's set t... — Read more

posted in Cortex XDR Discussions

94 1
05-19-2024

Cortex XDR Agent Service Get Stopped.

Hello Guys! Just wanted a clarification that once the Cortex XDR agent service : cyserver.exe get stopped due to any reason. 1.How the system servic... — Read more

posted in Cortex XDR Discussions

118 1

Articles

Cortex XDR CS Newsletter May 2024

05-09-2024 — Read all the latest and greatest from Cortex XDR Customer Success! — Read more

Labels: Cortex XDR XDR Newsletter
265 published by in Cortex XDR Articles
05-09-2024 edited by

Cortex XDR CS Newsletter April 2024

04-10-2024 — April 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us for a Customer Success webinar series, Alert Tuning, starting on April 24! You may register below for the series in advance. Register here: Part 1 | Part 2 Symphony 2024: AI and Automation Come see where security operations are heade... — Read more

Labels: Cortex XDR XDR Newsletter
491 published by in Cortex XDR Articles
04-10-2024 edited by

Cortex XDR CS Newsletter March 2024

03-18-2024 — March 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for the last part of the webinar series: Parsing & Correlation Rules - Improving Application Security with Correlations. Register here: Part 3 Investigation and Threat Hunting Virtual Workshop Calling all custome... — Read more

Labels: Cortex XDR
572 published by in Cortex XDR Articles
03-18-2024 edited by

Cortex XDR CS Newsletter Feb 2024

02-16-2024 — February 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for Part 2 of the webinar series: Correlation Rules - the core of detection. You may review the recording for Part 1 in the On-Demand section below Register here: Part 2 | Part 3 Investigation and Threat Hunti... — Read more

Labels: Cortex XDR
658 published by in Cortex XDR Articles
02-16-2024 edited by

Cortex XDR Newsletter Jan 2024

01-10-2024 — January 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for our upcoming webinar series: Parsing and Correlation Rules - from Fundamentals to Practical Applications, starting on Jan 31st. Register below: Part 1 | Part 2 | Part 3 Investigation and Threat Hunting Virt... — Read more

Labels: Cortex XDR
1241 published by in Cortex XDR Articles
01-10-2024 edited by

Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
236 by in Community Blogs

Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Attacks

05-15-2024 — The Cortex XDR - Remote PsExec with LOLBin command execution alert playbook enables organizations to automate and expedite alert handling. — Read more

Labels: Alert Automation Cortex XDR Cortex XSOAR
333 by in Community Blogs

Leading with a Prevention-First Approach for Cloud Detection and Response

04-25-2024 — As cloud computing continues to evolve and becomes the ad-hoc standard for many of the world’s largest enterprises, we also see attack surfaces growing and the escalation of cyberthreats targeting the cloud and traditional enterprise assets. These... — Read more

Labels: CDR Cloud Cortex XDR Cortex XSIAM detection and response XDR XSIAM
1201 by in Community Blogs

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

04-24-2024 — This threat brief is frequently updated as new threat intelligence is available for us to share. The full update log is at the end of this post and offers the fullest account of all changes made. — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM threat brief Threat Briefs and Assessments unit 42 unit42
1892 by in Community Blogs

On Credible and Cyber-Contextual Labeling

04-11-2024 — Machine learning (ML) powered methods are rapidly taking over the cybersecurity medium, performing a variety of complex tasks, including detection, prevention, and prioritization. — Read more

Labels: Cortex XDR Incidents labels ML Threat Detection XDR
1775 by in Community Blogs

cortex-xdr-release-notes

Videos

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.