Cortex XDR
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XDR

Welcome to the Cortex XDR resource page. Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place. On this page you can engage in Cortex XDR discussions and review helpful resources dedicated to Cortex XDR.

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author Topic Views Replies
05-28-2024

XDR Query Builder

Hi, I'm trying to use Query Builder but unable to get any results. see also attached screenshot. But when I perform a XQL search with query "dataset... — Read more

posted in Cortex XDR Discussions

56 1
05-28-2024

Hip Object

I have an mdm on my corporate smartphones, how do I add it to the hip object so that users can only access the internal network if they have the mdm i... — Read more

posted in Cortex XDR Discussions

66 1
05-28-2024

Tag based widgets in Cortex XDR?

Hi all, We've started using Cortex XDR this year, and I currently see some limitations on the reporting and dashboard module. We're using tags to keep... — Read more

posted in Cortex XDR Discussions

69 1
05-27-2024

XQL Query - File Delete Action

Hi, Please may i know if anyone may have the issue i encounter since early May 2024? 1. Delete a folder (100+ files) from specific endpoint (right cl... — Read more

posted in Cortex XDR Discussions

142 2
05-27-2024

Cortex XDR API get_endpoints vs get_endpoint

Hello, I've been using python script to get all endpoints /public_api/v1/endpoints/get_endpoints (https://docs-cortex.paloaltonetworks.com/r/Cortex-... — Read more

posted in Cortex XDR Discussions

322 1

Articles

Cortex XDR CS Newsletter May 2024

05-09-2024 — Read all the latest and greatest from Cortex XDR Customer Success! — Read more

Labels: Cortex XDR XDR Newsletter
451 published by in Cortex XDR Articles
05-09-2024 edited by

Cortex XDR CS Newsletter April 2024

04-10-2024 — April 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us for a Customer Success webinar series, Alert Tuning, starting on April 24! You may register below for the series in advance. Register here: Part 1 | Part 2 Symphony 2024: AI and Automation Come see where security operations are heade... — Read more

Labels: Cortex XDR XDR Newsletter
619 published by in Cortex XDR Articles
04-10-2024 edited by

Cortex XDR CS Newsletter March 2024

03-18-2024 — March 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for the last part of the webinar series: Parsing & Correlation Rules - Improving Application Security with Correlations. Register here: Part 3 Investigation and Threat Hunting Virtual Workshop Calling all custome... — Read more

Labels: Cortex XDR
719 published by in Cortex XDR Articles
03-18-2024 edited by

Cortex XDR CS Newsletter Feb 2024

02-16-2024 — February 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for Part 2 of the webinar series: Correlation Rules - the core of detection. You may review the recording for Part 1 in the On-Demand section below Register here: Part 2 | Part 3 Investigation and Threat Hunti... — Read more

Labels: Cortex XDR
804 published by in Cortex XDR Articles
02-16-2024 edited by

Cortex XDR Newsletter Jan 2024

01-10-2024 — January 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for our upcoming webinar series: Parsing and Correlation Rules - from Fundamentals to Practical Applications, starting on Jan 31st. Register below: Part 1 | Part 2 | Part 3 Investigation and Threat Hunting Virt... — Read more

Labels: Cortex XDR
1420 published by in Cortex XDR Articles
01-10-2024 edited by

Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
474 by in Community Blogs

Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Attacks

05-15-2024 — The Cortex XDR - Remote PsExec with LOLBin command execution alert playbook enables organizations to automate and expedite alert handling. — Read more

Labels: Alert Automation Cortex XDR Cortex XSOAR
757 by in Community Blogs

Leading with a Prevention-First Approach for Cloud Detection and Response

04-25-2024 — As cloud computing continues to evolve and becomes the ad-hoc standard for many of the world’s largest enterprises, we also see attack surfaces growing and the escalation of cyberthreats targeting the cloud and traditional enterprise assets. These... — Read more

Labels: CDR Cloud Cortex XDR Cortex XSIAM detection and response XDR XSIAM
1404 by in Community Blogs

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

04-24-2024 — This threat brief is frequently updated as new threat intelligence is available for us to share. The full update log is at the end of this post and offers the fullest account of all changes made. — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM threat brief Threat Briefs and Assessments unit 42 unit42
2048 by in Community Blogs

On Credible and Cyber-Contextual Labeling

04-11-2024 — Machine learning (ML) powered methods are rapidly taking over the cybersecurity medium, performing a variety of complex tasks, including detection, prevention, and prioritization. — Read more

Labels: Cortex XDR Incidents labels ML Threat Detection XDR
1917 by in Community Blogs

cortex-xdr-release-notes

Videos

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.