SHA256 hash of the file

AES256 hash of the file

MD5 hash of the file

SHA1 hash of the file

It is true positive.

It is false positive.

It is a false negative.

It is true negative.

Create a custom XQL widget

This is not currently supported

Create a custom report and filter on starred incidents

Click the starin the widget

connecting unknown media to an endpoint that copied malware due to Autorun.

a user executing code which takes advantage of a vulnerability on a local service.

identifying vulnerable services on a server.

executing a process executable for well-known and signed software.

The Cortex XDR agent will allow the process that was blocked to run on the endpoint.

The Cortex XDR console will hide those alerts.

The Cortex XDR agent will not create an alert for this event in the future.

The Cortex XDR console will delete those alerts and block ingestion of them in the future.

Automatically close the connections involved in malicious traffic.

Automatically kill the processes involved in malicious activity.

Automatically terminate the threads involved in malicious activity.

Automaticallyblock the IP addresses involved in malicious traffic.