Cortex XDR applies machine learning at cloud scale to rich network, endpoint, and cloud data, so you can quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR apps consume and correlate data from the Cortex Data Lake to reveal threat causalities and timelines—they're your mission control for complete visibility into network traffic and user behavior.
Latest Releases
| Highlights | Details |
|---|---|
| 24 September 2019 | Configure a new incident starring policy to enable Cortex XDR to categorize incidents that contain characteristics that are important to you. |
| 6 August 2019 | Two apps become one! Cortex XDR now includes all investigation, response, and analytics capabilities. |
| 30 June 2019 | Cortex XDR welcomes Demisto with new APIs to help you leverage Demisto for automated incident response and security orchestration. |
| 21 May 2019 |
Cortex XDR – Analytics can now analyze your GlobalProtect VPN traffic and adds 12 new alerts. |
| 29 April 2019 | The Cortex XDR – Investigation and Response app now aggregates alerts and artifacts related to a detected threat into a single incident. |
| 16 April 2019 | Cortex hub now provides role management for apps—use the hub to manage who has access to your Cortex apps and what level of access they have. |
Cortex XDR™ Documentation
Cortex XDR™ Administrator’s Guide
Provides comprehensive information for using Cortex XDR to accelerate investigations across your network, endpoint, and cloud data.
Cortex XDR™ Release Notes
Review the newest features and known issues for Cortex XDR.
Cortex XDR API Reference
Cortex XDR APIs enable you to integrate with Demisto and other third-party tools to view and manage your Cortex XDR - Investigation and Response incidents.
Additional Resources
Cortex XDR™ Analytics Alert Reference
View all Cortex XDR Analytics alerts.
Live Community: Cortex XDR
Have questions about Cortex XDR? Join the Live Community to post your questions and get answers.