Endpoint Security Profiles

Rather than defining a new security profile for each of your endpoints, you can apply the pre-configured Cortex XDR security profiles instead.
Cortex
XDR
provides default security profiles that you can use out of the box to immediately begin protecting your endpoints from threats.
While security rules enable you to block or allow files to run on your endpoints, security profiles help you customize and reuse settings across different groups of endpoints. When the
Cortex
XDR
agent detects behavior that matches a rule defined in your security policy, the
Cortex
XDR
agent applies the security profile that is attached to the rule for further inspection.
From
Endpoints
Policy Management
Prevention
Profiles
, you can create the following profiles. The
Prevention Profiles
table lists all the profiles per operating system. Profiles associated with one or more targets that are beyond your defined user scope are locked and cannot be edited.
Profile Name
Description
Exploit Profiles
Exploit profiles block attempts to exploit system flaws in browsers, and in the operating system. For example, Exploit profiles help protect against exploit kits, illegal code execution, and other attempts to exploit process and system vulnerabilities. Exploit profiles are supported for Windows, Mac, and Linux platforms.
Malware Profiles
Malware profiles protect against the execution of malware including trojans, viruses, worms, and grayware. Malware profiles serve two main purposes: to define how to treat behavior common with malware, such as ransomware or script-based attacks, and to define how to treat known malware and unknown files. Malware profiles are supported for all platforms.
Add a New Malware Security Profile
Add a New Malware Security Profile
.
Restrictions Profiles
Restrictions profiles limit where executables can run on an endpoint. For example, you can restrict files from running from specific local folders or from removable media. Restrictions profiles are supported only for Windows platforms.
Agent Settings Profiles
Agent Settings profiles enable you to customize settings that apply to the
Cortex
XDR
agent (such as the disk space quota for log retention). For Mac and Windows platforms, you can also customize user interface options for the
Cortex
XDR
console, such as accessibility and notifications.
Exceptions Profiles
Exceptions Security Profiles override the security policy to allow a process or file to run on an endpoint, to disable a specific BTP rule, to allow a known digital signer, and to import exceptions from the
Cortex
XDR
support team. Exceptions profiles are supported for Windows, Mac, and Linux platforms.
After you add the new security profile, you can Manage Endpoint Security Profiles.

Recommended For You