Cortex XDR
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XDR

Welcome to the Cortex XDR resource page. Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place. On this page you can engage in Cortex XDR discussions and review helpful resources dedicated to Cortex XDR.

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author Topic Views Replies
05-29-2024

Certificate Enforcement issue

We have several machines that are now reporting "Partially Protected" when we enabled Certificate Enforcement on them. First they started to show "... — Read more

posted in Cortex XDR Discussions

24 0
05-28-2024

XDR Query Builder

Hi, I'm trying to use Query Builder but unable to get any results. see also attached screenshot. But when I perform a XQL search with query "dataset... — Read more

posted in Cortex XDR Discussions

145 2
05-28-2024

Hip Object

I have an mdm on my corporate smartphones, how do I add it to the hip object so that users can only access the internal network if they have the mdm i... — Read more

posted in Cortex XDR Discussions

116 1
05-28-2024

Tag based widgets in Cortex XDR?

Hi all, We've started using Cortex XDR this year, and I currently see some limitations on the reporting and dashboard module. We're using tags to keep... — Read more

posted in Cortex XDR Discussions

107 1
05-27-2024

XQL Query - File Delete Action

Hi, Please may i know if anyone may have the issue i encounter since early May 2024? 1. Delete a folder (100+ files) from specific endpoint (right cl... — Read more

posted in Cortex XDR Discussions

240 2

Articles

Cortex XDR CS Newsletter May 2024

05-09-2024 — Read all the latest and greatest from Cortex XDR Customer Success! — Read more

Labels: Cortex XDR XDR Newsletter
461 published by in Cortex XDR Articles
05-09-2024 edited by

Cortex XDR CS Newsletter April 2024

04-10-2024 — April 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us for a Customer Success webinar series, Alert Tuning, starting on April 24! You may register below for the series in advance. Register here: Part 1 | Part 2 Symphony 2024: AI and Automation Come see where security operations are heade... — Read more

Labels: Cortex XDR XDR Newsletter
624 published by in Cortex XDR Articles
04-10-2024 edited by

Cortex XDR CS Newsletter March 2024

03-18-2024 — March 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for the last part of the webinar series: Parsing & Correlation Rules - Improving Application Security with Correlations. Register here: Part 3 Investigation and Threat Hunting Virtual Workshop Calling all custome... — Read more

Labels: Cortex XDR
724 published by in Cortex XDR Articles
03-18-2024 edited by

Cortex XDR CS Newsletter Feb 2024

02-16-2024 — February 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for Part 2 of the webinar series: Correlation Rules - the core of detection. You may review the recording for Part 1 in the On-Demand section below Register here: Part 2 | Part 3 Investigation and Threat Hunti... — Read more

Labels: Cortex XDR
809 published by in Cortex XDR Articles
02-16-2024 edited by

Cortex XDR Newsletter Jan 2024

01-10-2024 — January 2024 UPCOMING EVENTS Parsing and Correlation Rules Webinar Series Register now for our upcoming webinar series: Parsing and Correlation Rules - from Fundamentals to Practical Applications, starting on Jan 31st. Register below: Part 1 | Part 2 | Part 3 Investigation and Threat Hunting Virt... — Read more

Labels: Cortex XDR
1433 published by in Cortex XDR Articles
01-10-2024 edited by

Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
492 by in Community Blogs

Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Attacks

05-15-2024 — The Cortex XDR - Remote PsExec with LOLBin command execution alert playbook enables organizations to automate and expedite alert handling. — Read more

Labels: Alert Automation Cortex XDR Cortex XSOAR
779 by in Community Blogs

Leading with a Prevention-First Approach for Cloud Detection and Response

04-25-2024 — As cloud computing continues to evolve and becomes the ad-hoc standard for many of the world’s largest enterprises, we also see attack surfaces growing and the escalation of cyberthreats targeting the cloud and traditional enterprise assets. These... — Read more

Labels: CDR Cloud Cortex XDR Cortex XSIAM detection and response XDR XSIAM
1417 by in Community Blogs

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

04-24-2024 — This threat brief is frequently updated as new threat intelligence is available for us to share. The full update log is at the end of this post and offers the fullest account of all changes made. — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM threat brief Threat Briefs and Assessments unit 42 unit42
2064 by in Community Blogs

On Credible and Cyber-Contextual Labeling

04-11-2024 — Machine learning (ML) powered methods are rapidly taking over the cybersecurity medium, performing a variety of complex tasks, including detection, prevention, and prioritization. — Read more

Labels: Cortex XDR Incidents labels ML Threat Detection XDR
1921 by in Community Blogs

cortex-xdr-release-notes

Videos

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.