how frequently XDR will push logs to Cortex?

Hi, 

how frequently XDR will push logs to Cortex? We have application it will write logs 400k per sec and log rotation setup like if file size is 50 MB it will compress the file and zips it. due to this we are missing logs in cortex xdr.

can you plea

Application WhiteListing

I have an application that needs whitelisting.

Actions Done:

Add to Allow List

Add to Malware Profile, under specific module that triggered alert/incident.

It is still showing up in incidents when executed. Any idea what could be going on?

Tons of receptivity.io

I recently see a lot of my end machine shitting this domain: receptivity.io

Started (I dunno even know, a week ago?) My logs can no longer go far enough back to figure it out.

Cause I dunno, MS edge new tab? To hopefully remove the log entries I

AMSI Byte Array Scanning

Does anybody have a solution similar to Defender for Endpoint for using AMSI programmatically to scan incoming files? Essentially, we have a requirement to scan incoming files that are scanned prior to being sent along to their next hop. This all occ

Does Cortex XDR agent require SELinux enabled on RHEL 8

Hello All, 

Could you please let me help me understand, whether Cortex XDR agent require SElinux enabled on Linux RHEL 8?

Requirement document there is no clear information regarding this and also let me know why this SElinux is required.

Thank

Webhooks

can we create webhooks on cortex xdr

Certificate Enforcement issue

We have several machines that are now reporting "Partially Protected" when we enabled Certificate Enforcement on them. 

First they started to show "Local-Store fallback used" in audit logs (informational severity), now we see "Failed to enable cert

Vulnerability Assessment report

Is it possible to create a Vulnerability Assessment base on endpoint with endpoint name, amount of CVE’s, Severity, Severity Score, Last reported Timestamp and Endpoint Type.