CORTEX XDR

Palo Alto Networks named a Leader by Gartner® for Cortex XDR.

Recognized for ability to execute and completeness of vision.

Break free from legacy endpoint solutions.

With the Cortex® platform offer for endpoint security.

AI and automation: The future of SecOps.

Come see where security operations are headed next.

Unbiased Testing. Unbeatable Results.

ONLY Cortex Delivers 100% Protection and Detection in MITRE Engenuity


The Resilient SOC

Essential Reading for CISOs


Why Cortex XDR

Stop attacks with full visibility and analytics


Sit back, relax and let Cortex XDR protect you

  • COMPLETE ENDPOINT SECURITY

    Safeguard your endpoints with NGAV, host firewall, disk encryption and USB device control.
  • ML-DRIVEN THREAT DETECTION

    Find hidden threats like insider abuse, credential attacks, malware and exfiltration using behavioral analytics.
  • INCIDENT MANAGEMENT

    Cut investigation time with intelligent alert grouping. Incident scoring lets you focus on the threats that matter.
  • AUTOMATED ROOT CAUSE ANALYSIS

    Swiftly verify threats by reviewing the root cause, sequence of events, intelligence and investigative details all in one place.
  • DEEP FORENSICS

    Conduct deep internal and regulatory investigations, even if endpoints are not connected to the network.
  • FLEXIBLE RESPONSE

    Block fast-moving attacks, isolate endpoints, execute scripts and sweep across your entire environment to contain threats in real time.
  • EXTENDED THREAT HUNTING

    Conduct more granular and advanced threat hunting operations in your security environment using extended data collection and analysis.

Deeper visibility to enable advanced threat hunting

Take a proactive stance against advanced threats. The eXtended Threat Hunting (XTH) Data Module enhances visibility and data collection by Cortex XDR. This empowers SecOps to prevent and detect threats faster — and with more precision.

  • Unlock additional analytics and machine learning detectors.

  • Sharpen the ability to identify, prevent and block complex attacks.

  • Proactively hunt with advanced analytics and behavioral models.

  • Identify causality links between attacker actions and affected entities.

Best-in-class coverage for stealthy identity threats

Protect your organization without slowing down the business. The new advanced Identity Threat Detection and Response Module from Cortex XSIAM and XDR® provides best-in-class coverage for stealthy identity threat vectors, including compromised accounts and insider threats.

  • Make decisions faster with enhanced views of your organization’s risk posture

  • Gain forensic-level visibility into the asset to easily uncover hidden threats

  • Automate and customize the continuous analysis of user and host activities

  • Swiftly triage and investigate alerts with precise profile information

Drive better security outcomes

Accelerate threat response, streamline operations and increase SOC productivity with Cortex XDR.

Break the attack lifecycle

  1. Drops the malicious file: Blocked with Local Analysis, Yara rules, Behavioral Threat Protection and WildFire

  2. Disables volume shadow copy: Blocked with Behavioral Threat Protection

  3. Modifies the registry: Detected with Analytics

  4. Extracts EaseUS drivers: Blocked with Behavioral Threat Protection

  5. Enumerates files and corrupts partition information: Blocked with Behavioral Threat Protection

Cortex XDR stops the most advanced threats, including Russia-Ukraine cyber activity and the SolarWinds supply chain attack as well as Log4Shell, SpringShell, and PrintNightmare vulnerability exploits. For an interactive demo, see the Log4j incident response simulation.

See how Cortex XDR beats the competition

  • CrowdStrike
  • Cybereason
  • Microsoft XDR
  • SentinelOne
  • Trend Micro
  • VMware XDR

Two powerful offerings. Comprehensive protection.

CORTEX XDR PREVENT

  • ✓ Next-Generation Antivirus: Block malware, ransomware, exploits and fileless attacks
  • ✓ Endpoint Protection: Safeguard endpoints with device control, firewall and disk encryption
  • Detection and Response: Pinpoint attacks with AI-driven analytics and coordinate response
  • Managed Detection and Response: Let Unit 42 experts work for you 24/7 to detect and respond to threats
  • Host Insights: Find vulnerabilities and sweep across endpoints to eradicate threats
  • Forensics: Investigate incidents swiftly with comprehensive forensics evidence
  • eXtended Threat Hunting: Deep endpoint telemetry to support advanced threat hunting operations

CORTEX XDR PRO

  • ✓ Next-Generation Antivirus: Block malware, ransomware, exploits and fileless attacks
  • ✓ Endpoint Protection: Safeguard endpoints with device control, firewall and disk encryption
  • ✓ Detection and Response: Pinpoint attacks with AI-driven analytics and coordinate response
  • Managed Detection and Response: Let Unit 42 experts work for you 24/7 to detect and respond to threats
  • Host Insights: Find vulnerabilities and sweep across endpoints to eradicate threats
  • Forensics: Investigate incidents swiftly with comprehensive forensics evidence
  • eXtended Threat Hunting: Deep endpoint telemetry to support advanced threat hunting operations

Unrivaled innovation to outpace attackers

Maximize ROI by boosting SOC efficiency

  • Eliminate siloed tools for a more efficient SOC

  • Reduce setup, tuning and operating costs with cloud-delivered services and out-of-the-box detection

  • Cut the cost of attacks with better protection and faster response

Maximize ROI by consolidating your operations

Trusted by companies worldwide

FEATURED CASE STUDY

State of North Dakota unifies security and filters out the noise with Cortex XDR