Cortex XDR™ – Investigation and Response Overview

The Cortex XDR™ – Investigation and Response app gives you complete visibility into network traffic, user behavior, and endpoint activity. It simplifies threat investigation by correlating logs from your network sensors (next-generation firewalls, Traps endpoint agents, and so forth) to reveal threat causalities and timelines, which lets you identify the root cause of every alert. The app also allows you to perform immediate response actions. Finally, to stop future attacks, you can proactively define indicators of compromise (IOCs) and behavioral rules to detect and respond to malicious activity.
