Cortex XDR applies machine learning at cloud scale to rich network, endpoint, and cloud data, so you can quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR apps consume and correlate data from the Cortex Data Lake to reveal threat causalities and timelines—they're your mission control for complete visibility into network traffic and user behavior.
|24 September 2019||Configure a new incident starring policy to enable Cortex XDR to categorize incidents that contain characteristics that are important to you.|
|6 August 2019||Two apps become one! Cortex XDR now includes all investigation, response, and analytics capabilities.|
|30 June 2019||Cortex XDR welcomes Demisto with new APIs to help you leverage Demisto for automated incident response and security orchestration.|
|21 May 2019
||Cortex XDR – Analytics can now analyze your GlobalProtect VPN traffic and adds 12 new alerts.|
|29 April 2019||The Cortex XDR – Investigation and Response app now aggregates alerts and artifacts related to a detected threat into a single incident.|
|16 April 2019||Cortex hub now provides role management for apps—use the hub to manage who has access to your Cortex apps and what level of access they have.|