Cortex XDR
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.

Welcome to the Cortex XDR resource page. On this page you can engage in Cortex XDR discussions and review helpful resources dedicated to Cortex XDR.

Discussions

Author Topic Views Replies
05-18-2024

Future of Cortex XDR

Hello dear community, we all know the future of SOC is Cortex XSIAM. What will happen to Cortex XDR in the future? I didn't see any planned new KI ... — Read more

posted in Cortex XDR Discussions

Views: 46 | Replies: 0
05-18-2024

XDR Agent Connection Status: Connection Lost

Hello guys! I was thinking about what happens to Cortex XDR agent showing connection status as Connection Lost. I know XDR agent who failed to comm... — Read more

posted in Cortex XDR Discussions

Views: 52 | Replies: 0
05-17-2024

Parsing at Broker VM level

I'm using COLLECT parsing rule to manipulate data at broker VM level before ingestion. Rule basically filters out on raw log that I generate specific ... — Read more

posted in Cortex XDR Discussions

Views: 80 | Replies: 0
05-17-2024

HELP - XQL QUERY For XDR and XSOAR

Hi, I am creating a playbook with the objective of integrating Cortex XSOAR and Cortex XDR. The idea is for Cortex XSOAR to query Cortex XDR, re... — Read more

posted in Cortex XDR Discussions

Views: 192 | Replies: 3
05-16-2024

Proofpoint TAP Integration - XQL Query Help

Has anyone worked with PP TAP integration and creating any useful XQL queries to help identify potential malicious mail that a user interacts with? A... — Read more

posted in Cortex XDR Discussions

Views: 120 | Replies: 1

Articles

Cortex XDR CS Newsletter May 2024

05-09-2024 — Read all the latest and greatest from Cortex XDR Customer Success! — Read more

Labels: Cortex XDR XDR Newsletter
240 published by in Cortex XDR Articles
05-09-2024 edited by

Cortex XDR CS Newsletter April 2024

04-10-2024 — April 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us for a Customer Success webinar series, Alert Tuning, starting on April 24! You may register below for the series in advance. Register here: Part 1 | Part 2 Symphony 2024: AI and Automation Come see where security operations are heade... — Read more

Labels: Cortex XDR XDR Newsletter
473 published by in Cortex XDR Articles
04-10-2024 edited by

Cortex XDR CS Newsletter March 2024

03-18-2024 — March 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for the last part of the webinar series: Parsing & Correlation Rules - Improving Application Security with Correlations. Register here: Part 3 Investigation and Threat Hunting Virtual Workshop Calling all custome... — Read more

Labels: Cortex XDR
552 published by in Cortex XDR Articles
03-18-2024 edited by

Cortex XDR CS Newsletter Feb 2024

02-16-2024 — February 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for Part 2 of the webinar series: Correlation Rules - the core of detection. You may review the recording for Part 1 in the On-Demand section below Register here: Part 2 | Part 3 Investigation and Threat Hunti... — Read more

Labels: Cortex XDR
642 published by in Cortex XDR Articles
02-16-2024 edited by

Cortex XDR Newsletter Jan 2024

01-10-2024 — January 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for our upcoming webinar series: Parsing and Correlation Rules - from Fundamentals to Practical Applications, starting on Jan 31st. Register below: Part 1 | Part 2 | Part 3 Investigation and Threat Hunting Virt... — Read more

Labels: Cortex XDR
1222 published by in Cortex XDR Articles
01-10-2024 edited by

Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
169 by in Community Blogs

Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Attacks

05-15-2024 — The Cortex XDR - Remote PsExec with LOLBin command execution alert playbook enables organizations to automate and expedite alert handling. — Read more

Labels: Alert Automation Cortex XDR Cortex XSOAR
224 by in Community Blogs

Leading with a Prevention-First Approach for Cloud Detection and Response

04-25-2024 — As cloud computing continues to evolve and becomes the ad-hoc standard for many of the world’s largest enterprises, we also see attack surfaces growing and the escalation of cyberthreats targeting the cloud and traditional enterprise assets. These... — Read more

Labels: CDR Cloud Cortex XDR Cortex XSIAM detection and response XDR XSIAM
1169 by in Community Blogs

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

04-24-2024 — This threat brief is frequently updated as new threat intelligence is available for us to share. The full update log is at the end of this post and offers the fullest account of all changes made. — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM threat brief Threat Briefs and Assessments unit 42 unit42
1851 by in Community Blogs

On Credible and Cyber-Contextual Labeling

04-11-2024 — Machine learning (ML) powered methods are rapidly taking over the cybersecurity medium, performing a variety of complex tasks, including detection, prevention, and prioritization. — Read more

Labels: Cortex XDR Incidents labels ML Threat Detection XDR
1760 by in Community Blogs

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.