Cortex XDR Extended to Third-Party Data Sources

Palo Alto Networks has introduced Cortex XDR 2.0 — an advancement of the industry’s only detection and response platform that runs on fully integrated endpoint, network and cloud data. As the market’s first and leading XDR product, Cortex XDR 2.0 continues to extend the category definition with the addition of third-party data for analytics and investigations, while unifying prevention, detection, investigation and response in one platform experience for unrivalled security and operational efficiency.

Palo Alto Networks unveiled significant platform advancements that help organizations defend their enterprise with unrivalled data and deep analytics:

  • Open to third-party data:
    Cortex XDR’s patented behavioral analytics capabilities have been extended to logs collected from third-party firewalls, enabling detection across multi-vendor environments while integrating third-party firewall alerts into a unified incident view.
  • Seamless platform experience:
    Prevention, detection, investigation and response capabilities have been unified into a single platform, with a complete rebuild of the Traps management service into Cortex XDR.
  • AI-driven malware prevention:
    Cortex XDR’s new machine learning-driven local analysis engine is customized for continuous learning and prevention.
  • New device control capability:
    The new Device Control module, the first in a series of new endpoint protection platform modules, will give organizations granular USB access management on the endpoint to prevent malware and data loss caused by unsanctioned devices.


Cortex XDR 2.0 will be available in December. Cortex XDR third-party log and alert ingestion is available for select third-party products now. For more information, please visit

Please contact your local Exclusive Networks Account Manager for additional information on Cortex XDR and the Palo Alto Networks portfolio.