The Cortex XDR™ app offers you complete visibility into network traffic, user behavior, and endpoint activity. It simplifies threat investigation by correlating logs from your sensors to reveal threat causalities and timelines, which enables you to easily identify the root cause of every alert. The app also allows you to perform immediate response actions. Finally, to stop future attacks, you can proactively define IOCs and BIOCs to detect and respond to malicious activity.

Cortex XDR™ Overview

New to Cortex XDR? Learn more here!

Get Started with Cortex XDR Pro

Ready to get started? Learn about the steps needed to set up Cortex XDR Pro.

Features Introduced in Cortex XDR™

See what's new in Cortex XDR!

Cortex XDR™ Pro Feature Areas

Endpoint Security

External Data Ingestion


Investigation and Response


Log Forwarding

Broker VM

Asset Management

Managed Security

How does Cortex XDR work?

Enterprise security teams have too many tools that deliver too little insight, drowning analysts in security alerts while failing to stop threats. XDR provides a better way forward. See how Cortex XDR integrates data sources and capabilities associated with tools such as EDR, EPP, NTA, and UEBA to boost visibility, accelerate investigations, and reduce complexity.