Cortex XDR consumes and correlates data from the Cortex Data Lake to reveal threat causalities and timelines—it's your mission control for complete visibility into all your endpoint and network traffic. The Cortex XDR app triggers alerts based on indicators of compromise (including behavioral anomalies) and can send those alerts to the Cortex Data Lake (formerly Logging Service). Cortex XDR is a single interface from which you can investigate and triage alerts, take remediation actions, and define policies to prevent future attacks.

Before you begin using Cortex XDR, make sure you review the following information:

To view the current operational status of Palo Alto Networks cloud services including apps Cortex XDR apps, see https://status.paloaltonetworks.com/. We recommend that you subscribe to the status page for service-related announcements.