Cortex XDR applies machine learning at cloud scale to rich network, endpoint, and cloud data, so you can quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR apps consume and correlate data from the Cortex Data Lake to reveal threat causalities and timelines—they're your mission control for complete visibility into network traffic and user behavior.

Latest Releases

Highlights Details
9 February 2020 Traps agent 6.1.5.
5 February 2020 Cortex XDR agent 7.0.1.
2 February 2020 Cortex XDR 2.1.
21 January 2020 For Traps agents running on unpatched Windows 10 endpoints, the Traps agent 6.1.4-h1 release includes a hotfix to address vulnerability CVE-2020-0601. Get all the details in our Release Notes.
19 December 2019 The Cortex XDR agent build 7.0.0.27797 is now replaced with a hotfix build 7.0.0.28644. Installation packages that were generated using the earlier build can no longer be used to install or register new Cortex XDR agents. Cortex XDR agents that were already installed using the earlier build will continue to connect to Cortex XDR and receive policy however, we recommend that you upgrade to the latest build containing the hotfix.
4 December 2019 Cortex XDR is jam-packed with new integrations including the all new Cortex XDR agent for advanced endpoint protection, external log ingestion from Fortinet and Cisco ASA firewall logs, and loads more!
30 October 2019 You can now ingest logs and alerts from external syslog sources such as Check Point firewalls.

Cortex XDR™ Documentation

Cortex XDR™ Prevent Administrator’s Guide


Cortex XDR Prevent provides integrated endpoint protection.

Cortex XDR™ API Reference


Cortex XDR APIs enable you to integrate with Demisto and other third-party tools to view and manage your incidents, endpoints, and Cortex XDR agents.

Cortex XDR™ Pro Administrator’s Guide


Provides comprehensive information for using Cortex XDR to accelerate investigations across your network, endpoint, and cloud data.

Cortex XDR™ Analytics Alert Reference


View all Cortex XDR Analytics alerts.

Cortex XDR™ Release Notes


Review the newest features and known issues for Cortex XDR.

Cortex XDR Agent

Cortex XDR™ Agent Administrator's Guide


Use this guide to install and use the Cortex XDR agent that protects your endpoints from exploits and malware.

Cortex XDR™ Agent Release Notes


Learn more about the new features, known issues, and changes to default behavior in Cortex XDR agent.

Traps Agent Documentation


Cortex XDR supports earlier Traps agent versions starting with Traps 5.0.8 and 6.1.4. See the Traps documentation for more information on these versions.

Additional Resources

Live Community: Cortex XDR


Have questions about Cortex XDR? Join the Live Community to post your questions and get answers.

Palo Alto Networks® Compatibility Matrix


Find compatibility information for the Cortex XDR agent.