Enhanced Capabilities to Optimize Your SOC with Cortex XDR 2.4

Palo Alto Networks Cortex XDR is the industry’s first extended detection and response platform that runs on integrated endpoint, network and cloud data to reduce noise and focus on real threats. The Cortex XDR platform delivers a unified experience for prevention, detection, investigation and response – reimagining how you find and stop attacks while dramatically simplifying operations.

Palo Alto Networks has just upgraded Cortex XDR tenants to Cortex XDR version 2.4 adding an extensive number of features to enhance capabilities and to optimize your SOC. As a cloud-delivered service, this means customers can now take advantage of many new capabilities, including enhanced detection and investigation as well as ease of management.

New features of Cortex XDR 2.4 include:

  • Vulnerability assessment
  • Enhanced investigations with Quick Launcher, IP View and Hash View
  • Cortex XSOAR Threat Intel Management integration
  • Okta and Microsoft Azure Active Directory log support
  • Text-based queries with native search
  • Interactive script execution
  • Remote procedure call (RPC) visibility
  • Pivoting between alerts, rules and incidents
  • Alert table enhancements
  • MSSP and Broker Service enhancements

Note that many of the new enhancements require a Cortex XDR Pro license.


You can learn more about Cortex XDR 2.4 by checking out the following resources:

Cortex XDR release notes

Cortex XDR 2.4: One Small Step for Cortex XDR, One Giant Leap for SecOps (blog post)

or by contacting your local Exclusive Networks Account Manager.