POST TEST CORTEX XDR

Cortex XDR Pro per Endpoint

Cortex XDR Vendor Pro Per Host

Cortex XDR Pro Per TB

Cortex XDR Cloud Per Host

New

New Incident

Unassigned

Pending

Create a custom XQL widget

Click the star in the widget

This is not currently supported

Create a custom report and filter on starred incidents

In the WildFire Analysis report at related Artifacts in the incidents details page

Under Response --> Action Center

under the gear icon --> Agent Audit Logs

on the HUB page at apps paloaltonetwork

Dashboard & Reports

Endpoint

Alert

Incident Response

This is used to create a profiles and policy rules

This is used to track progress of all actions initiated from various points on the interface.

This is used to view a causality chain

This is used to manage an incident

TRUE

FALSE

Action Center -> New action -> Live Terminal

via Endpoint -> Security Operation -> Initiate Live Terminal

via SSH connection

Alerts

Management Audit Log

Agent Audit Log

Threat Log

HUB paloaltonetworks.com

Endpoint -> Agent Installations

Endpoint -> Installer

Paloaltonetworks Community