CORTEX XDR

Industry-First XDR

Stop attacks with the power of AI and full visibility.

See the Journey to XDR

Get the datasheet

SYMPHONY 2022

Watch the premier summit for security operations
as we present a roadmap for building a modern SOC.

Featuring Nir Zuk, Lee Klarich and special guest,
Cybercrime Journalist, Brian Krebs.

Watch On Demand

Cortex XDR Triumphs in 2022 MITRE ATT&CK Evaluations

Delivering 100% prevention and 100% detection across all 19 evaluation steps

Understand the results

Watch on-demand

Gartner Market Guide for Extended Detection and Response

Get the report

How to Prepare for the Next Big Cyberattack

Get the white paper

Carbanak+Fin7: MITRE ATT&CK Results Unpacked

What’s Next for Next-Gen Antivirus?

Read the paper

Why Cortex XDR

Stop attacks with full visibility and analytics

Proven endpoint protection

Block advanced malware, exploits and fileless attacks with the industry’s most comprehensive endpoint security stack. Our lightweight agent stops threats with Behavioral Threat Protection, AI and cloud-based analysis.

Laser-accurate detection

Pinpoint evasive threats with patented behavioral analytics. Cortex XDR uses machine learning to profile behavior and detect anomalies indicative of attack. Analytics lets you spot adversaries attempting to blend in with legitimate users.

Lightning-fast investigation and response

Investigate threats quickly by getting a complete picture of each attack, including alerts, artifacts and MITRE tactics with incident management. You can view the root cause of any alert with a single click and swiftly stop attacks across your environment.

Sit back, relax and let Cortex XDR protect you

COMPLETE ENDPOINT SECURITY

Safeguard your endpoints with NGAV, host firewall, disk encryption and USB device control.
ML-DRIVEN THREAT DETECTION

Find hidden threats like insider abuse, credential attacks, malware and exfiltration using behavioral analytics.
INCIDENT MANAGEMENT

Cut investigation time with intelligent alert grouping. Incident scoring lets you focus on the threats that matter.
AUTOMATED ROOT CAUSE ANALYSIS

Swiftly verify threats by reviewing the root cause, sequence of events, intelligence and investigative details all in one place.
DEEP FORENSICS

Conduct deep internal and regulatory investigations, even if endpoints are not connected to the network.
FLEXIBLE RESPONSE

Block fast-moving attacks, isolate endpoints, execute scripts and sweep across your entire environment to contain threats in real time.

Simplify SecOps with one platform for detection and response across all data

Cortex XDR delivers enterprise-wide protection by analyzing data from any source to stop sophisticated attacks.

Eliminate blind spots with complete visibility
Simplify security operations to cut mean time to respond (MTTR)
Harness the scale of the cloud for AI and analytics
Lower costs by consolidating tools and improving SOC efficiency

Get the XDR paper

Tested. Reviewed. Proven.

Exceptional test results and praise from analysts and customers make it easy to trust Cortex XDR.

Bar Graph of Protection and Analytics Detection Scores

Get the MITRE ATT&CK Guide

99%
Combined prevention and response capabilities score
100%
Reduction in Time to Respond (TTR)

See the Report

The Palo Alto Networks XDR strategy “is the most comprehensive in this study, offering threat prevention, detection, and access controls spanning endpoint, IoT, network, and cloud apps."

See The Forrester Wave

Drive better security outcomes

Accelerate threat response, streamline operations and increase SOC productivity with Cortex XDR.

8x

faster investigations
Learn more
98%

reduction in alerts
Learn more
44%

lower cost
Get the ROI paper

Two powerful offerings. Comprehensive protection.

CORTEX XDR PREVENT

CORTEX XDR PRO

Data sources Collect comprehensive data for extended visibility

Endpoint

Endpoint, network, cloud and third-party data resources

Next-Generation Antivirus Block malware, ransomware, exploits and fileless attacks

Endpoint protection Secure your endpoints with device control, host firewall and disk encryption

Detection and response Pinpoint attacks with AI-driven analytics and coordinate response

–

Managed threat hunting Let Unit 42 experts hunt for threats in your environment

–

Optional

Host insights Find vulnerabilities and sweep across endpoints to eradicate threats

–

Optional

Forensics Investigate incidents swiftly with comprehensive forensics evidence

–

Optional

Threat intelligence Enrich investigations with tailored intelligence and in-depth context

Wildfire analysis included; additional feeds optional

CORTEX XDR PREVENT
Data sourcesCollect comprehensive data for extended visibility	Endpoint
Next-Generation AntivirusBlock malware, ransomware, exploits and fileless attacks
Endpoint protectionSecure your endpoints with device control, host firewall and disk encryption
Detection and responsePinpoint attacks with AI-driven analytics and coordinate response	–
Managed threat huntingLet Unit 42 experts hunt for threats in your environment	–
Host insightsFind vulnerabilities and sweep across endpoints to eradicate threats	–
ForensicsInvestigate incidents swiftly with comprehensive forensics evidence	–
Threat intelligenceEnrich investigations with tailored intelligence and in-depth context	Wildfire analysis included; additional feeds optional

CORTEX XDR PRO
Data sourcesCollect comprehensive data for extended visibility	Endpoint, network, cloud and third-party data resources
Next-Generation AntivirusBlock malware, ransomware, exploits and fileless attacks
Endpoint protectionSecure your endpoints with device control, host firewall and disk encryption
Detection and responsePinpoint attacks with AI-driven analytics and coordinate response
Managed threat huntingLet Unit 42 experts hunt for threats in your environment	Optional
Host insightsFind vulnerabilities and sweep across endpoints to eradicate threats	Optional
ForensicsInvestigate incidents swiftly with comprehensive forensics evidence	Optional
Threat intelligenceEnrich investigations with tailored intelligence and in-depth context	Wildfire analysis included; additional feeds optional

Break the attack lifecycle

HermeticWiper

SolarStorm

Drops the malicious file

Disables volume shadow copy

Modifies the registry

Extracts EaseUS drivers

Enumerates files and corrupts partition information

Blocked with Local Analysis, Yara rules, Behavioral Threat Protection and WildFire Blocked with Behavioral Threat Protection Detected with Analytics Blocked with Behavioral Threat Protection Blocked with Behavioral Threat Protection

Cortex XDR stops the most advanced threats, including Russia-Ukraine cyber activity and the SolarWinds supply chain attack as well as Log4Shell, SpringShell, and PrintNightmare vulnerability exploits. For an interactive demo, see the Log4j incident response simulation.

Rewire security operations

Collect and integrate rich data and accelerate investigations to stop modern attacks.

Unrivaled innovation to outpace attackers

Our platform is built on constant innovation. As threats evolve, we’re committed to delivering new features that enhance security efficacy and streamline operations.

Swipe for More

Maximize ROI by consolidating tools and simplifying SecOps

Cut costs by 44% when you leverage the combined capabilities of Cortex XDR

Eliminate siloed, on-premises tools for a more efficient SOC
Reduce setup, tuning and operating costs with cloud-delivered services and out-of-the-box detection
Cut the cost of attacks with better protection and faster response

With Cortex XDR, you can safeguard your business against breaches while lowering your costs.

Get the ROI paper Calculate your risk

Maximize ROI by consolidating your operations

Considering an XDR solution but unsure where to start?

Improve endpoint protection

NGAV alone is not enough to protect enterprises from today’s cyberthreats. Take endpoint protection to the next level with a modern approach that can scale to your future needs and stop stealthy attacks.

Learn more

Extend protection beyond the endpoint

XDR extends security beyond the endpoint to improve threat protection, detection and response, consolidate endpoint security tools, and accelerate SOC productivity.

What is XDR?

Quickly detect and respond to threats

Pivot away from multiple point products, escape the limitations of EDR, and learn more about the benefits of a true XDR solution.

Get the guide

Featured Resources

See all documents

DATASHEET

Cortex At a Glance

Read about XDR

DIGITAL ASSET

10 Must Haves for Detection and Response

Explore

VIRTUAL WORKSHOP

Threat Hunting and Investigations Hands-on Workshop

Get hands on

REPORT

Cortex XDR Rides the Forrester Wave as a Leader

See for yourself

WHITE PAPER

Maximize the ROI of Detection and Response

Download

See all documents

Industry-First XDR

Stop attacks with the power of AI and full visibility.

SYMPHONY 2022

Watch the premier summit for security operations as we present a roadmap for building a modern SOC. Featuring Nir Zuk, Lee Klarich and special guest, Cybercrime Journalist, Brian Krebs.

Cortex XDR Triumphs in 2022 MITRE ATT&CK Evaluations

Delivering 100% prevention and 100% detection across all 19 evaluation steps

Gartner Market Guide for Extended Detection and Response

How to Prepare for the Next Big Cyberattack

What’s Next for Next-Gen Antivirus?

Stop attacks with full visibility and analytics

Proven endpoint protection

Laser-accurate detection

Lightning-fast investigation and response

XDR for Dummies Guide

Sit back, relax and let Cortex XDR protect you

COMPLETE ENDPOINT SECURITY COMPLETE ENDPOINT SECURITY

ML-DRIVEN THREAT DETECTION ML-DRIVEN THREAT DETECTION

INCIDENT MANAGEMENT INCIDENT MANAGEMENT

AUTOMATED ROOT CAUSE ANALYSIS AUTOMATED ROOT CAUSE ANALYSIS

DEEP FORENSICS DEEP FORENSICS

FLEXIBLE RESPONSE FLEXIBLE RESPONSE

Simplify SecOps with one platform for detection and response across all data

Tested. Reviewed. Proven.

Exceptional test results and praise from analysts and customers make it easy to trust Cortex XDR.

Drive better security outcomes

Two powerful offerings. Comprehensive protection.

Break the attack lifecycle

Drops the malicious file

Disables volume shadow copy

Modifies the registry

Extracts EaseUS drivers

Enumerates files and corrupts partition information

SolarWinds Orion downloads SUNBURST DLL file

SUNBURST “checks in” through DNS requests

SUNBURST downloads and executes Cobalt Strike

Cobalt Strike establishes C2

Lateral Movement

Exfiltration

Rewire security operations

Unrivaled innovation to outpace attackers

Maximize ROI by consolidating tools and simplifying SecOps

Cut costs by 44% when you leverage the combined capabilities of Cortex XDR

With Cortex XDR, you can safeguard your business against breaches while lowering your costs.

Considering an XDR solution but unsure where to start?

Improve endpoint protection

Extend protection beyond the endpoint

Quickly detect and respond to threats

Featured Resources

Cortex At a Glance

10 Must Haves for Detection and Response

Threat Hunting and Investigations Hands-on Workshop

Cortex XDR Rides the Forrester Wave as a Leader

Maximize the ROI of Detection and Response

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links

Watch the premier summit for security operations
as we present a roadmap for building a modern SOC.

Featuring Nir Zuk, Lee Klarich and special guest,
Cybercrime Journalist, Brian Krebs.

COMPLETE ENDPOINT SECURITY

ML-DRIVEN THREAT DETECTION

INCIDENT MANAGEMENT

AUTOMATED ROOT CAUSE ANALYSIS

DEEP FORENSICS

FLEXIBLE RESPONSE