CORTEX XDR

XDR 3.0: Next Has Arrived

The third generation of XDR secures against cloud and identity-based threats.
How to Prepare for the Next Big Cyberattack

Carbanak+Fin7: MITRE ATT&CK Results Unpacked

Gartner Innovation Insight for Detection and Response


Why Cortex XDR

Stop attacks with 360-degree visibility and analytics

Proven endpoint protection

Block advanced malware, exploits and fileless attacks with the industry’s most comprehensive endpoint security stack. Our lightweight agent stops threats with Behavioral Threat Protection, AI and cloud-based analysis.

Laser-accurate detection

Pinpoint evasive threats with patented behavioral analytics. Cortex XDR uses machine learning to profile behavior and detect anomalies indicative of attack. Analytics lets you spot adversaries attempting to blend in with legitimate users.

Lightning-fast investigation and response

Investigate threats quickly by getting a complete picture of each attack, including alerts, artifacts and MITRE tactics with incident management. You can view the root cause of any alert with a single click and swiftly stop attacks across your environment.


Sit back, relax and let Cortex XDR protect you

  • COMPLETE ENDPOINT SECURITY

    Safeguard your endpoints with NGAV, host firewall, disk encryption and USB device control.
  • ML-DRIVEN THREAT DETECTION

    Find hidden threats like insider abuse, credential attacks, malware and exfiltration using behavioral analytics.
  • INCIDENT MANAGEMENT

    Cut investigation time with intelligent alert grouping. Incident scoring lets you focus on the threats that matter.
  • DEEP FORENSICS

    Conduct deep internal and regulatory investigations, even if endpoints are not connected to the network.
  • FLEXIBLE RESPONSE

    Block fast-moving attacks, isolate endpoints, execute scripts and sweep across your entire environment to contain threats in real time.

Tested. Reviewed. Proven.

Exceptional test results and praise from analysts and customers make it easy to trust Cortex XDR.

[Figure: bar graph of protection and analytics detection scores]

Two powerful offerings. Comprehensive protection.

Feature comparison: CORTEX XDR PREVENT and CORTEX XDR PRO

  • Data sources: Collect comprehensive data for extended visibility
    Cortex XDR Prevent: Endpoint
    Cortex XDR Pro: Endpoint, network, cloud and third-party data resources
  • Next-Generation Antivirus: Block malware, ransomware, exploits and fileless attacks
  • Endpoint protection: Secure your endpoints with device control, host firewall and disk encryption
  • Detection and response: Pinpoint attacks with AI-driven analytics and coordinate response
  • Managed threat hunting: Let Unit 42 experts hunt for threats in your environment
  • Host insights: Find vulnerabilities and sweep across endpoints to eradicate threats
  • Forensics: Investigate incidents swiftly with comprehensive forensics evidence
  • Threat intelligence: Enrich investigations with tailored intelligence and in-depth context
    Cortex XDR Prevent: WildFire analysis included; additional feeds optional
    Cortex XDR Pro: WildFire analysis included; additional feeds optional

Drive better security outcomes

Accelerate threat response, streamline operations and increase SOC productivity with Cortex XDR.

Break the attack lifecycle

  1. SolarWinds Orion downloads SUNBURST DLL file
     Cortex XDR: Blocks with Threat Intel, Local Analysis, and WildFire
  2. SUNBURST “checks in” through DNS requests
     Cortex XDR: Blocks known SolarStorm domains
  3. SUNBURST downloads and executes Cobalt Strike
     Cortex XDR: Blocks with Behavioral Threat Protection, Threat Intel, Local Analysis, and WildFire
  4. Cobalt Strike establishes C2
     Cortex XDR: Blocks known SolarStorm C2 domains
  5. Lateral Movement
     Cortex XDR: Blocks password theft and detects discovery with behavioral analytics
  6. Exfiltration
     Cortex XDR: Detects exfil with behavioral analytics


Cortex XDR detects and stops the most advanced attacks to keep you safe. When Palo Alto Networks experienced an attempt to download Cobalt Strike on one of its IT SolarWinds servers, Cortex XDR prevented the SolarStorm attack with its Behavioral Threat Protection capability—before the attack was publicly disclosed. After the attack, additional defenses were added to fend off the risk of intrusion at every step.

Rewire security operations

Collect and integrate rich data and accelerate investigations to stop modern attacks.

Unrivaled innovation to outpace attackers

Our platform is built on constant innovation. As threats evolve, we’re committed to delivering new features that enhance security efficacy and streamline operations. With Cortex XDR, “We’ve Got Next.”


Maximize ROI by consolidating tools and simplifying SecOps

Cut costs by 44% when you leverage the combined capabilities of Cortex XDR

  • Eliminate siloed, on-premises tools for a more efficient SOC
  • Reduce setup, tuning and operating costs with cloud-delivered services and out-of-the-box detection
  • Decrease threat hunting costs with powerful search tools and automation
  • Cut the cost of attacks with better protection and faster response

With Cortex XDR, you can safeguard your business against breaches while lowering your costs.


Hear from our customers

“We desperately needed to do automation and to have a tool that filtered through all the noise. Cortex is doing exactly that. We’re seeing the noise going away, and we’re getting to the important alerts that we hadn’t seen previously.”
Ryan Kramer, Enterprise Network Architect, State of North Dakota

“Once we got Cortex XDR in, we had the relief of knowing we were seeing real viable data, information we could react to, information we could act on and what the endpoints were doing. There was this tremendous relief that now we could be ahead of the situation.”
Greg Biegen, Director of Information Security, Cherwell Software