* [Blog](https://www.paloaltonetworks.com/blog)
* [Security Operations](https://www.paloaltonetworks.com/blog/security-operations/)
* [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles-zh-hant/?lang=zh-hant)
* Cortex XDR：一次、兩次、三次成為領導者...

# Cortex XDR：一次、兩次、三次成為領導者

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcortex-xdr-once-twice-three-times-a-leader%2F%3Flang%3Dzh-hant)  
[](https://twitter.com/share?text=Cortex+XDR%EF%BC%9A%E4%B8%80%E6%AC%A1%E3%80%81%E5%85%A9%E6%AC%A1%E3%80%81%E4%B8%89%E6%AC%A1%E6%88%90%E7%82%BA%E9%A0%98%E5%B0%8E%E8%80%85&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcortex-xdr-once-twice-three-times-a-leader%2F%3Flang%3Dzh-hant)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcortex-xdr-once-twice-three-times-a-leader%2F%3Flang%3Dzh-hant&title=Cortex+XDR%EF%BC%9A%E4%B8%80%E6%AC%A1%E3%80%81%E5%85%A9%E6%AC%A1%E3%80%81%E4%B8%89%E6%AC%A1%E6%88%90%E7%82%BA%E9%A0%98%E5%B0%8E%E8%80%85&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/security-operations/cortex-xdr-once-twice-three-times-a-leader/?lang=zh-hant&ts=markdown)  
\[\](mailto:?subject=Cortex XDR：一次、兩次、三次成為領導者)  
Link copied  
By [Kasey Cross](https://www.paloaltonetworks.com/blog/author/kasey-cross/?lang=zh-hant&ts=markdown "Posts by Kasey Cross") and [Irena Damsky](https://www.paloaltonetworks.com/blog/author/irena-damsky/?lang=zh-hant&ts=markdown "Posts by Irena Damsky")  
Dec 05, 2022  
1 minutes  
[Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles-zh-hant/?lang=zh-hant&ts=markdown)  
[News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-zh-hant/?lang=zh-hant&ts=markdown)

This post is also available in: [English (英語)](https://www.paloaltonetworks.com/blog/security-operations/cortex-xdr-once-twice-three-times-a-leader/ "Switch to 英語(English)") [简体中文 (簡體中文)](https://www.paloaltonetworks.com/blog/security-operations/cortex-xdr-once-twice-three-times-a-leader/?lang=zh-hans "Switch to 簡體中文(简体中文)") [日本語 (日語)](https://www.paloaltonetworks.com/blog/security-operations/cortex-xdr-once-twice-three-times-a-leader/?lang=ja "Switch to 日語(日本語)") [한국어 (韓語)](https://www.paloaltonetworks.com/blog/security-operations/cortex-xdr-once-twice-three-times-a-leader/?lang=ko "Switch to 韓語(한국어)")

### **Cortex XDR 在 2022 年 AV-Comparatives 端點防禦和回應測試中獲評為策略領導者**

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/10/AV.png)連續第三年，AV-Comparatives 在本身的端點防禦和回應 (EPR) 測試中將 Cortex XDR 評為策略領導者。我們很興奮參與世界上最全面的端點安全評估之一，我們很榮幸在 AV-Comparatives EPR 網路風險象限中獲得策略領導者評等 (最高評等)。

在今年的測試中，Cortex XDR 表現優異，在多階段評估的第 2 階段 100% 阻止全部 50 種攻擊情境，藉以在攻擊進入第 3 階段 (資產洩露階段) 之前阻止全部攻擊。由於絕佳的防禦、偵測和回應能力，以及較低的營運和工作流程成本，Cortex XDR 成為整體擁有成本 (TCO) 得分最低的產品之一。

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/10/EPR-Quadrant.png)

### **EPR 測試中的 MITRE ATT\&CK 技術**

AV-Comparatives EPR 測試使用 [MITRE ATT\&CK 企業矩陣](https://attack.mitre.org/matrices/enterprise/)中列出的攻擊者技術模擬真實的攻擊序列。 在攻擊情境中，AV-Comparatives 執行以綠色突顯的下列技術。如需詳細資訊，請參考測試中所用 ATT\&CK 策略和技術的[放大檢視](https://www.av-comparatives.org/wp-content/uploads/2022/09/EPR2022.svg)。

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/10/YQKh7nES8UiI5bkt39EzEAv6mrKppoQ3sDayiYVASGvPD41v0IK2NRCfn9qRiuWZCg9PACYpjeTRYpx804fndH9-uDNTgBLvyHqAWuw1ULpWoGEOSTuhJoMB39Pa.png)

「MITRE ATT\&CK 企業矩陣」列舉在世界上最危險的攻擊者的真實攻擊中觀察到的策略、技術和程序 (TTP)。這有助於安全團隊對威脅進行分類、識別攻擊屬性和目標，並評估企業的風險。

依據 ATT\&CK 知識庫的獨立測試，例如 AV-Comparatives EPR 測試和 [MITRE ATT\&CK 評估](https://www.paloaltonetworks.com/cortex/cortex-xdr/mitre?ts=markdown)，提供對安全效用的重要見解。這些測試會評估阻止進階 TTP 的能力，而不僅評估阻止惡意軟體檔案的能力。由於現實生活中的攻擊通常涉及多個步驟，而不僅是惡意檔案，因此 AV-Comparatives EPR 測試之類的評估提供端點安全效用的全貌。

### **Cortex XDR EPR 測試重點**

AV-Comparatives EPR 測試促進 10 家端點安全廠商相互競爭，對偵測、防禦和回應能力進行全面嚴格的評估。評估包括 50 個獨立的針對性攻擊情境，各個情境均包括三個階段：

1. 端點入侵並取得立足點
2. 內部擴散
3. 資產入侵

在各個階段，AV-Comparatives 都會評估各個產品是否阻止 (主動回應) 或偵測到 (被動回應) 攻擊者技術。

Cortex XDR 在評估的第一階段主動阻止 50 項測試中的 45 項，在全部三個階段達到 96.7% 的總主動回應平均分數，並偵測到 50 項中的 47 項，達到對攻擊情境的 98% 的總被動回應比率。在第二階段的評估中，Cortex XDR 阻止第一階段未阻止的攻擊情境，達到 100% 的整體累計回應率，因為它可在資產入侵階段之前阻止全部 50 個測試情境。

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/10/3E5h_IbqU1h9bkpTM6mnIp3yeUjnELvpOO0OXvWdQLogqj5HhyTOVautedl-miyZzNOQB2MCJOY6lXAcagv7eUWcvpQ27mmx1kPBrBQKla_gLyPAjSwWXeZ01TXu.png)

Cortex XDR 代理程式與 Palo Alto Networks [WildFire 惡意軟體防禦服務](https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/endpoint-security/endpoint-security-profiles/add-malware-security-profile/wildfire-analysis-concepts)相整合，可透過威脅情報阻止已知惡意軟體，並透過 WildFire 的雲端式惡意軟體分析來分析未知檔案。如果 WildFire 確定未知檔案有惡意，Cortex XDR 將終止執行這個檔案的程序。WildFire 的這種額外分析能夠提高 Cortex XDR 的被動回應率。AV-Comparatives EPR 測試結果並未完全考量 WildFire 雲端式分析，因為當 AV-Comparatives 測量回應率時，WildFire 裁定可能會在執行後收到。

AV-Comparatives EPR 報告指出，「Palo Alto Networks Cortex XDR Pro 能夠充分處理針對企業使用者的威脅，尤其是在威脅可能進入並滲透到企業網路之前。」此外，EPR 報告指出，Cortex XDR「提供建立不同行為規則集的能力，以及促進多個使用者同時協作處理任何特定威脅情境的良好分類能力」，而且「與 MITRE 的 TTP \[策略、技術和程序\] 充分對應，能夠為低層級 SOC 分析師提供進一步調查和必要時升級所需的數據。」

### **立即取得報告！**

我們很高興參加 2022 年 AV-Comparatives EPR 測試，並展示我們致力於提供同級最佳安全性的成果，這種安全性從端點開始，並透過擴展的偵測與回應 (XDR) 擴展為保護全部資產。

若要了解我們與競爭對手的優劣比較，請下載 [2022 年 AV-Comparatives EPR 比較報告](https://www.paloaltonetworks.com/resources/research/av-comparatives-endpoint-prevention-response-test-2022?ts=markdown)。您也可以參閱 [Palo Alto Networks Cortex XDR 產品驗證報告](https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/AV-Comparatives-EPR_Single_PaloAltoNetworks_2022.pdf?ts=markdown)，深入了解我們的個別結果。

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-zh-hant/?lang=zh-hant&ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles-zh-hant/?lang=zh-hant&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-zh-hant/?lang=zh-hant&ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features-zh-hant/?lang=zh-hant&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-zh-hant/?lang=zh-hant&ts=markdown)

[#### Forrester 將 Palo Alto Networks 評選為 XDR 領導者](https://www.paloaltonetworks.com/blog/2024/07/forrester-names-palo-alto-networks-a-leader-in-xdr/?lang=zh-hant)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-zh-hant/?lang=zh-hant&ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles-zh-hant/?lang=zh-hant&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-zh-hant/?lang=zh-hant&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-zh-hant/?lang=zh-hant&ts=markdown)

[#### 唯有 Cortex 能在 MITRE Engenuity 中展現 100% 的防護和偵測能力](https://www.paloaltonetworks.com/blog/2023/10/mitre-engenuity-attck-evaluations-results/?lang=zh-hant)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-zh-hant/?lang=zh-hant&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-zh-hant/?lang=zh-hant&ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features-zh-hant/?lang=zh-hant&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-zh-hant/?lang=zh-hant&ts=markdown)

[#### 隆重推出 Cortex Cloud --- 即時雲端安全的未來](https://www.paloaltonetworks.com/blog/2025/03/announcing-innovations-cortex-cloud/?lang=zh-hant)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-zh-hant/?lang=zh-hant&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-zh-hant/?lang=zh-hant&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-zh-hant/?lang=zh-hant&ts=markdown)

[#### Forrester 將 Palo Alto Networks 評選為攻擊範圍管理領導者](https://www.paloaltonetworks.com/blog/2024/10/forrester-names-palo-alto-networks-a-leader-in-attack-surface-management/?lang=zh-hant)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-zh-hant/?lang=zh-hant&ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles-zh-hant/?lang=zh-hant&ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features-zh-hant/?lang=zh-hant&ts=markdown)

[#### Cortex Copilot - 在 SecOps 中，您維護安全的方式應該更聰明，而非更困難](https://www.paloaltonetworks.com/blog/security-operations/cortex-copilot-in-secops-you-should-secure-smarter-not-harder/?lang=zh-hant)

### Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language