Set Up Traps

Also available with Cortex XDR are Traps agents and Traps management service. If you choose to use Traps to monitor and collect endpoint data instead of or in addition to Pathfinder, use this workflow to set up Traps management service. After you Activate Cortex XDR Apps and are assigned a role in Cortex hub, you can begin to set up Traps management service and get started with Traps.
  1. Verify the status of your Traps management service tenant.
    1. From the Cortex Hub, click the gear icon next to your name.
    2. In the Traps area, review the STATUS for Traps management service tenant you just activated.
      When Traps management service tenant is available, the status changes to the green check mark.
  2. Enable access to Traps management service.
  3. Access your Traps management service tenant for the first time.
    There are two ways to access your Traps management service tenant: Return to the Cortex Hub ( and select your tenant from Traps management service tile; or go directly to the web address for your tenant (https://<prefix>
  4. Configure security profiles and assign them to your endpoints.
    Traps provides out-of-the box exploit and malware protection. However, at minimum, you must enable Data Collection in an Agent Settings profile to leverage Traps data in Cortex XDR apps.
  5. Install Traps on your endpoints.
    Data collection is available with Traps 6.0 and later releases and on endpoints running Windows 7 SP1 and later releases.
    1. Create an installation package for Windows endpoints.
    2. Install Traps on Windows endpoints.
  6. If you haven’t done so already, allocate logging storage in Cortex Data Lake for Traps and Endpoint Data collection.

Related Documentation