Cortex® XDR™ provides a unified, normalized asset inventory
for cloud assets to provide deeper visibility and context for incident
Ingesting and Viewing Cloud Inventory Assets requires
a Cortex XDR Pro per TB license.
Cortex® XDR™ provides a unified, normalized asset
inventory for cloud assets in Google Cloud Platform, Microsoft Azure,
and Amazon Web Services. This capability provides deeper visibility
to all the assets and superior context for incident investigation.
To receive cloud assets, you must first configure a Cloud Inventory
data collector for the vendor in Cortex XDR. As soon as Cortex
XDR begins receiving cloud assets, you can view the data in
The following are some of the main features available to you
on these pages.
When any row in the table is selected, a side panel on
the right with greater details is displayed, where you can view
additional data divided by sections. The following are some descriptions
of the main sections.
there are any open external ports, these ports and their corresponding
details are displayed, so you can quickly identify the source of
the problem. You can also view the raw JSON text of the banner details
obtained from Cortex Xpanse.
—Displays the identities
of the latest 5 editors listing the percentage of editing actions
for a single identity. A link is provided to open a predefined query
in XQL Search on the
to view the edit operations by the identity selected for this asset
in the last 7 days.
—Details the asset metadata
collected for the particular row selected in the table.
Depending on the cell you’ve selected in the table, different
right-click pivot menus are available, such as
Open in Quick Launcher
You can export the tables and respective asset views to a
tab-separated values (TSV) file.