Security Operations
Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.

Browse the Community

Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allowing seamless response.

2082 Posts

Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

1127 Posts

Cortex Xpanse Discussions

Cortex Xpanse builds a system of record that is the authoritative source for an organization’s global Internet assets; it knows your attack surface so you can own it before someone else.

7 Posts

Cortex XSIAM Discussions

Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across cloud and enterprise security operations, providing true end-to-end management of threats wherever they originate.

40 Posts

Activity in Security Operations

PCSAE exam question

Hi. I thought the answers are A, B, D but some sources say it is BCD or ECD. I don't know which one is true.

In which three locations can an engineer try to find information, when troubleshooting a failed integration instance error produced by the test bu

...

PCSAE exam question

Which ones are true? I thought it is BD but some sources say it is CD.

Which two statements describe how timers are configured to start and stop automatically in a playbook? (Choose two.)

  • A. Use a field of Number to count the number of seconds elapse
...

Ingest AWS GuardDuty logs

Dear community,

I'm seeking help to ingest AWS GuardDuty logs into Cortex XDR.

I did check the documentation and only found the method to ingest AWS assets, Flow logs via S3 and Route53 via S3.
I don't mind if the AWS GuardDuty logs are not normalized,

...

Resolved! no alerts no incident

Hi everyone, I have an issue. Cortex receives data from data sources (endpoints, servers, etc.) but I cannot see alerts and incidents. My dashboard shows 0 alerts and 0 incidents. Who could help me?

XQL Query for a Correlation Rules

I am trying to write an XQL query for a correlation rule in which an alert or incident will trigger for the condition below.
Condition:

Threshold: Only once on match 2

Detect on unique values of: hostname

So, my question is: how to write "Detect on unique valu

...

Agent update failed

3 computers failed to update the agent, current version 8.4.1.53273 and target version is 8.5.0.624. PC1 Additional Date: Windows Installer DB: Extra reference(s) to agent component(s); PC2 Additional Date: Windows Installer DB: Current agent registr...

zhouming by L0 Member
  • 181 Views
  • 1 reply
  • 0 Likes