CORTEX XDR

XDR 3.0: Next Has Arrived

The third generation of XDR secures against cloud and identity-based threats.
Watch it now Get the datasheet
Cortex XDR
How to Prepare for the Next Big Cyberattack

How to Prepare for the Next Big Cyberattack

Get the white paper
Carbanak+Fin7: MITRE ATT&CK Results Unpacked

Carbanak+Fin7: MITRE ATT&CK Results Unpacked

Watch now
Gartner Innovation Insight for Detection and Response

Gartner Innovation Insight for Detection and Response

Get the report
Why Cortex XDR

Stop attacks with full visibility and analytics

Proven endpoint protection

Block advanced malware, exploits and fileless attacks with the industry’s most comprehensive endpoint security stack. Our lightweight agent stops threats with Behavioral Threat Protection, AI and cloud-based analysis.

Laser-accurate detection

Pinpoint evasive threats with patented behavioral analytics. Cortex XDR uses machine learning to profile behavior and detect anomalies indicative of attack. Analytics lets you spot adversaries attempting to blend in with legitimate users.

Lightning-fast investigation and response

Investigate threats quickly by getting a complete picture of each attack, including alerts, artifacts and MITRE tactics with incident management. You can view the root cause of any alert with a single click and swiftly stop attacks across your environment.

Sit back, relax and let Cortex XDR protect you

  • COMPLETE ENDPOINT SECURITY

    Safeguard your endpoints with NGAV, host firewall, disk encryption and USB device control.
    COMPLETE ENDPOINT SECURITY

  • ML-DRIVEN THREAT DETECTION

    Find hidden threats like insider abuse, credential attacks, malware and exfiltration using behavioral analytics.
    ML-DRIVEN THREAT DETECTION

  • INCIDENT MANAGEMENT

    Cut investigation time with intelligent alert grouping. Incident scoring lets you focus on the threats that matter.
    INCIDENT MANAGEMENT

  • DEEP FORENSICS

    Conduct deep internal and regulatory investigations, even if endpoints are not connected to the network.
    DEEP FORENSICS

  • FLEXIBLE RESPONSE

    Block fast-moving attacks, isolate endpoints, execute scripts and sweep across your entire environment to contain threats in real time.
    FLEXIBLE RESPONSE
COMPLETE ENDPOINT SECURITY
ML-DRIVEN THREAT DETECTION
INCIDENT MANAGEMENT
DEEP FORENSICS
FLEXIBLE RESPONSE

Simplify SecOps with one platform for detection and response across all data

Cortex XDR delivers enterprise-wide protection by analyzing data from any source to stop sophisticated attacks.

  • Eliminate blind spots with complete visibility
  • Simplify security operations to cut mean time to respond (MTTR)
  • Harness the scale of the cloud for AI and analytics
  • Lower costs by consolidating tools and improving SOC efficiency
Get the XDR paper

Tested. Reviewed. Proven.

Exceptional test results and praise from analysts and customers make it easy to trust Cortex XDR.

Bar Graph of Protection and Analytics Detection Scores

Two powerful offerings. Comprehensive protection.

CORTEX XDR PREVENT CORTEX XDR PRO
Data sourcesCollect comprehensive data for extended visibility
Endpoint
Endpoint, network, cloud and third-party data resources
Next-Generation AntivirusBlock malware, ransomware, exploits and fileless attacks
Endpoint protectionSecure your endpoints with device control, host firewall and disk encryption
Detection and responsePinpoint attacks with AI-driven analytics and coordinate response
Managed threat huntingLet Unit 42 experts hunt for threats in your environment
Optional
Host insightsFind vulnerabilities and sweep across endpoints to eradicate threats
Optional
ForensicsInvestigate incidents swiftly with comprehensive forensics evidence
Optional
Threat intelligenceEnrich investigations with tailored intelligence and in-depth context
Wildfire analysis included; additional feeds optional
Wildfire analysis included; additional feeds optional
CORTEX XDR PREVENT
Data sourcesCollect comprehensive data for extended visibility
Endpoint
Next-Generation AntivirusBlock malware, ransomware, exploits and fileless attacks
Endpoint protectionSecure your endpoints with device control, host firewall and disk encryption
Detection and responsePinpoint attacks with AI-driven analytics and coordinate response
Managed threat huntingLet Unit 42 experts hunt for threats in your environment
Host insightsFind vulnerabilities and sweep across endpoints to eradicate threats
ForensicsInvestigate incidents swiftly with comprehensive forensics evidence
Threat intelligenceEnrich investigations with tailored intelligence and in-depth context
Wildfire analysis included; additional feeds optional
CORTEX XDR PRO
Data sourcesCollect comprehensive data for extended visibility
Endpoint, network, cloud and third-party data resources
Next-Generation AntivirusBlock malware, ransomware, exploits and fileless attacks
Endpoint protectionSecure your endpoints with device control, host firewall and disk encryption
Detection and responsePinpoint attacks with AI-driven analytics and coordinate response
Managed threat huntingLet Unit 42 experts hunt for threats in your environment
Optional
Host insightsFind vulnerabilities and sweep across endpoints to eradicate threats
Optional
ForensicsInvestigate incidents swiftly with comprehensive forensics evidence
Optional
Threat intelligenceEnrich investigations with tailored intelligence and in-depth context
Wildfire analysis included; additional feeds optional

Drive better security outcomes

Accelerate threat response, streamline operations and increase SOC productivity with Cortex XDR.

Break the attack lifecycle

SolarWinds Orion downloads SUNBURST DLL file

1

SUNBURST “checks in” through DNS requests

2

SUNBURST downloads and executes Cobalt Strike

3

Cobalt Strike establishes C2

4

Lateral Movement

5

Exfiltration

6
Blocks with Threat Intel, Local Analysis, and WildFire Blocks known SolarStorm domains Blocks with Behavioral Threat Protection, Threat Intel, Local Analysis, and WildFire Blocks known SolarStorm C2 domains Blocks password theft and detects discovery with behavioral analytics Detects exfil with behavioral analytics


Cortex XDR detects and stops the most advanced attacks to keep you safe. When Palo Alto Networks experienced an attempt to download Cobalt Strike on one of its IT SolarWinds servers, Cortex XDR prevented the SolarStorm attack with its Behavioral Threat Protection capability—before the attack was publicly disclosed. After the attack, additional defenses were added to fend off the risk of intrusion at every step.

Rewire security operations

Collect and integrate rich data and accelerate investigations to stop modern attacks.

white triangle

Unrivaled innovation to outpace attackers

Our platform is built on constant innovation. As threats evolve, we’re committed to delivering new features that enhance security efficacy and streamline operations. With Cortex XDR, “We’ve Got Next.”

Cortex Time line
Swipe for More

Maximize ROI by consolidating tools and simplifying SecOps

Cut costs by 44% when you leverage the combined capabilities of Cortex XDR

  • Eliminate siloed, on-premises tools for a more efficient SOC
  • Reduce setup, tuning and operating costs with cloud-delivered services and out-of-the-box detection
  • Decrease threat hunting costs with powerful search tools and automation
  • Cut the cost of attacks with better protection and faster response

With Cortex XDR, you can safeguard your business against breaches while lowering your costs.

Get the ROI paper Calculate your risk
Maximize ROI by consolidating your operations
North Dakota Cherwell

Hear from our customers

play
“We desperately needed to do automation and to have a tool that filtered through all the noise. Cortex is doing exactly that. We’re seeing the noise going away, and we’re getting to the important alerts that we hadn't seen previously.”
Ryan Kramer, Enterprise Network Architect, State of North Dakota
Watch the video
“Once we got Cortex XDR in, we had the relief of knowing we were seeing real viable data, information we could react to, information we could act on and what the endpoints were doing. There was this tremendous relief that now we could be ahead of the situation.”
Greg Biegen, Director of Information Security, Cherwell Software
Watch the video

Featured Resources

See all documents
DATASHEET

Cortex At a Glance

Read about XDR
DIGITAL ASSET

10 Must Haves for Detection and Response

Explore
VIRTUAL WORKSHOP

Threat Hunting and Investigations Hands-on Workshop

Get hands on
REPORT

Cortex XDR Rides the Forrester Wave as a Leader

See for yourself
WHITE PAPER

Maximize the ROI of Detection and Response

Download
See all documents

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links

Report a Vulnerability