New Features: April 2019

FeatureDescription
Traps-Only Detection
Cortex XDR – Analytics no longer requires you to deploy Palo Alto Networks firewalls to begin collecting data for analysis. You can now use Traps to provide the endpoint activity that Cortex XDR – Analytics uses to analyze and raise alerts for malicious activity. For greater coverage and context when investigating alerts, we recommend using both Palo Alto Networks firewall logs and Traps endpoint data when available.
Role Management from Cortex HubTo enable you to manage roles for all Cortex apps in a single location, you now manage roles from the Cortex hub. Any existing users who were assigned roles in the Customer Support Portal are automatically migrated to Cortex hub: Users that were previously assigned the Super User role are now assigned the Account Administrator role in Cortex hub. Users that were previously assigned Standard and Magnifier roles are now assigned the App Administrator role for the Cortex XDR – Analytics app which allows users to manage all app instances. We recommend that you review the Cortex Hub Getting Started Guide and the roles assigned to your users following this migration of roles to Cortex hub to determine if any changes are required.
Performance Enhancements
April 8, 2019—Updated to include performance enhancements.

Related Documentation