Cortex XDR by Palo Alto Networks Primary Use Case

Mohammad Qaw - PeerSpot reviewer
Security Consultant at Help AG

Our company uses the solution for endpoint protection, detection, and response. The solution has antivirus and EDR capabilities. Our SOC analysts use it to investigate incidents. We currently have 300 to 400 users with two admins for management. The solution is installed on all user laptops to protect workstations.

We also implement the solution for customers as a service. Most customers buy the solution for registry reasons and compliance standards. It gives you all the compliance points and improves how your SOC functions because it provides comprehensive visibility over the entire network and endpoints. It is called XDR because it not only looks at endpoints but also network traffic. 

The solution is offered on Palo Alto's private network. I think the underlying provider is Google Cloud, but that doesn't really matter. You are asked the region of your instance for connection such as Europe or the Middle East. 

AK
Information Technology Manager at a hospitality company with 10,001+ employees

I used the product at my previous company until November 2018.

CV
Information Security Manager at a financial services firm with 1,001-5,000 employees

Our company uses the solution to detect behaviors and provide difficulty remediation for malware. The solution acts like a terminal that allows for the renewal of malware directly from the terminal in any meeting room. 

We also have an IOP configuration that allows us to compare our own indicators and compromise rules. This is very efficient because anytime there is an IAP release on the web page, we can update or create a repository of different notification alerts. 

Buyer's Guide
Cortex XDR by Palo Alto Networks
April 2024
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,740 professionals have used our research since 2012.
Kelvin Choy - PeerSpot reviewer
Security Specialist at Television Broadcasts Ltd

We primarily use the solution for security.

AJ
Divisional Operations Director at a tech vendor with 1,001-5,000 employees

Officially, I'm an MSP, but I also host it for our own internal software. I've got XDR installed on 26,000 devices. It is used for threat prevention, policy enforcement, firewall rules, and DLP. We use it for pretty much everything. Our firewalls also integrate with XDR.

We use XDR Pro. It is in the cloud, and we have got version 7 at the moment, which is probably the latest update of it.

BibinMathew - PeerSpot reviewer
Cash Management Officer at a retailer with 1,001-5,000 employees

Cortex XDR by Palo Alto Networks is the antivirus solution we use for Androids.

MP
Technical Support Engineer at TD SYNNEX

There are GRC rules in Cortex XDR, which engage IOC very quickly. There's file detection and delay. Compared to competitors, this feature allows for selling and deleting files. We can utilize the report if the file has already been deleted. This integration enhances the system. Apart from standard policies, explicit and exploit policies provide various options. We can modify policies using profiles.

We can modify the policies as we want. It also has reporting for everyone. You can customize the queue in the dashboard, and most of the features are more common among others. It has file detection. The search is very simple. The console is very user-friendly in the system. Anyone can get trained within an hour. You don't need much expertise to handle it. If someone has the proper training, he can handle it very easily.

Mirko Minuzzo - PeerSpot reviewer
Business development manager for Palo Alto Networks at Westcon-Comstor

We use the product as a detection and response application.

CB
Senior System Administrator at a government with 10,001+ employees

We use it to make sure that our antivirus is up to par. 

It used to be on-prem, but now, it's completely on the cloud. In terms of the version, we've got some old endpoints that we had to manually bring up to date, but for the most part, it's up to date.

OS
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services

The primary use case is endpoint security. The product is my main endpoint, IP, and threat management.

SS
Network Security Engineer at I Dream networks pvt ltd

Cortex XDR is an artificial intelligence-based solution that automatically detects malicious activity performed by users or user machines, blocking it with the help of AI. We also create security policies on Cortex XDR that can be managed by Cortex XDR. Let's say that a company wants a security policy to work for a home user or VPN client user. It also includes an enterprise network at home.

Ahmed Sief - PeerSpot reviewer
System Engineer at a logistics company with 5,001-10,000 employees

We're using it just to make sure that the customers, or our users, don't use any prohibited applications. We make sure that every application they use is on the allowed list. Any other application that is not only allowed is blocked until further notice. It's mainly to make sure that our organization is secure and that the software that the users are working on is secured too. This is the main reason. Also to be aware and secured from any potential attack or ransomware, etc.

Rustam-Rustamli - PeerSpot reviewer
CISO at International Bank of Azerbaijan

This solution has replaced our traditional antivirus solutions; it protects our environment and safeguards our endpoints from any malware or exploitation. We are based in Azerbaijan. I'm the CISO of the company, and we are customers of Palo Alto.

AA
Sr. Network Engineer at a construction company with 10,001+ employees

We are using Cortex XDR by Palo Alto Networks for all of our remote users because they are not connected to our on-premise data center.

WA
System Administrator at NATIONAL ASSOCIATION OF REALTORS

The primary use case is mainly endpoint protection.

it_user1237689 - PeerSpot reviewer
Network Designer at a computer software company with 1,001-5,000 employees

We primarily use the product as endpoint security which we have deployed on all servers and locations. This is not limited to the endpoint, however, as it has further integration with the firewalls and email solutions. Therefore, it can give us quick visibility in case there is any malicious or suspicious activity happening.

GR
SOC Manager at Nais Srl

I am an integrator. I deploy and implement solutions for our customers.

CS
Cybersecurity Incident Response Analyst at a computer software company with 5,001-10,000 employees

As with any advanced malware protection tool, it's really about the results and getting the security you need. We are end users and I'm a cybersecurity incident response analyst.

Kamil Fahmi - PeerSpot reviewer
Site administrator officer at a tech services company with 11-50 employees

Cortex XDR is used for monitoring and securing large numbers of endpoints, typically in the range of 5,000 to 10,000. It is considered to be an effective solution for mitigating security risks in these environments.

DT
Team Lead at MindTree

We are using Cortex XDR by Palo Alto Networks as an endpoint solution.

RV
Information Technology Corporate Manager at a consumer goods company with 1,001-5,000 employees

We are in the testing stage of using Cortex XDR by Palo Alto Networks. We are using it in order to ensure the corporate network servers are protected. Additionally, we need to use a specialized tool.

Dennis Ngetich - PeerSpot reviewer
Cloud Specialist at Eazzy Solutions

Cortex XDR by Palo Alto Networks is a network management solution.

AW
IT Security Administrator at a tech services company with 1-10 employees

We have Cortex XDR on our endpoints, and we have managed threat hunting. We are using it for everything related to security. If we have a device we believe is compromised, we can do a scan of the device to check for malware. We look for indicators of compromise in our network. We also look for behavioral things, such as if people are, for some reason, sending a bunch of information out. We also monitor USB file copies to make sure sensitive data isn't leaving our systems. It is also for any kind of denial of service attack.

We are using its latest version. It is deployed on-prem. We have agent software on all our endpoints, and then we have on-prem devices managed through Panorama.

MG
Assistant Superintendent with 51-200 employees

This product is part of a package that makes up our security solution.

RH
Security Engineer at U.S. Acute Care Solutions

Our primary use case is anti-malware and anti-exploit.

Ragesh Singh - PeerSpot reviewer
Cyber Security Engineer at ACPL

Cortex XDR does the stitching between a number of security domains, like email security, API security, and web security. The solution does the stitching from different sources and makes a logical incident.

MartinPulpan - PeerSpot reviewer
Owner and Executive Director at Cloud 9 s.r.o.

It's mainly for protection against malware. We work very closely with a major partner of Palo Alto in the Czech Republic, and we have experience with the whole XDR solution. It's very useful for us and a very capable solution.

Jitendra_Singh - PeerSpot reviewer
Senior Vice President at Chi Networks

I primarily use Cortex XDR to protect end-users from ransomware, malware, spam, and phishing.

Mantu Shaw - PeerSpot reviewer
Project Manager at Incedo Inc.

We use Cortex XDR as part of our security solution.

Zubair Ahmad - PeerSpot reviewer
Senior Chief Manager at Arcil

I primarily use Cortex XDR for endpoint security.

RS
Mdr of Presales & Customer Success Head at a financial services firm with 1-10 employees

We use the solution for telemetry and for its anti-virus capability.

MZ
Digital Business Solutions Manager at Bahrain Telecommunication Company BSC (Batelco)

We don't have many customers moving to Cortex XDR by Palo Alto Networks. But recently, we started offering them both pro and basic options. 

Disha Shah - PeerSpot reviewer
Technical Associate at HTH Global Network

This solution is a next-generation antivirus with more advanced capability and security. We have a partnership with Palo Alto.

IS
Servicio Posventa at a security firm with 11-50 employees

Our clients want to correlate information they have in their network. Many engineers or companies have different tools like CMs, firewalls, VPNs, and some other things related to networks. They mentioned that after they acquired the Cortex XDR solution they have all of the information in one place. That is important because they improved the time to solve security issues.

GA
Information Technology Consultant at Trillennium (Pvt) Ltd

We are not using it for our purposes because we are a Palo Alto partner. We propose it for our customers based on their requirements.

We are both a service provider and a reseller.

When the pandemic first began, the use cases were mostly for remote users. We deployed this for the majority of remote users.

FT
System Manager at a consumer goods company with 10,001+ employees

We are still in the testing stages so there is not currently any primary use case beyond the base use of endpoint protection.  

LT
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees
Prathamesh Samant - PeerSpot reviewer
Presales Manager at Doyen

The main use case was the integration with their Palo Alto firewall and Panorama. Apart from that, they also had integration with the FIM solution that they had. Overall, having it at the endpoint and having network integration for the overall threat scenario has been where we use it.

PM
Senior IT Specialist at a manufacturing company with 1,001-5,000 employees

It has just been about a month.

OR
Regional Key Account Manager at Orange Cyberdefense

It can work as a standalone solution; however, it also fully integrates with the firewall. It operates on an endpoint level and on a firewall level. It's endpoint security, so there are not 35 use cases. It's pretty specific.

AG
Account Manager at CIPHER

My customer wanted to use EDR. We worked with the POC to demonstrate the antivirus and how it has more features for detecting threats.

RR
Cybersecurity Engineer at GFR Media

We use Palo Alto Networks Traps (Version 6) to protect our endpoints against NG malware via behavior analysis, artificial intelligence and machine learning. Both the PA Traps endpoint logs, our PA firewall traffic logs and the Wildfire sandbox are used to provide immediate threat response and feed this information to the PA Threat Intelligence cloud.

JW
Vice President / Chief Technology Officer at Sinnott Wolach Technology Group

We use it for our own company as well as for our clients. It is mainly used for protecting the endpoints. Like everybody else nowadays, we're all working from home, and we have access to data on the public cloud, private cloud, and on-prem. We've got to make sure that we're not exposing our endpoints to anything out there that could be malicious and that could cause any problems within our networking environment.

AS
Cybersecurity Services Director at ITVikings

We use the product to monitor and control all the systems. It helps us understand user behavior.

Lissette Acurio - PeerSpot reviewer
Solution Engineer at Secure Soft Corporation

The solution is like a next-level EDR. It can collect information from other solutions to have a global view of the risks and vulnerabilities.

AE
Head Of Sales at Cascade Solutions

The tool's use cases are relevant to security. 

DP
Cloud and Security Architect at a transportation company with 51-200 employees

Security correlation is our main use case.

AA
EMEA IT Infrastructure Manager at a consumer goods company with 5,001-10,000 employees

My primary use of this solution is as an endpoint security client.

MC
Network Manager of Cyber Defence at a government with 1,001-5,000 employees

We used it for malware detection and to detect weird DNS calls. Overall, it was for endpoint protection.

PV
Sales Engineer at a security firm with 51-200 employees

We use this solution to secure endpoints and to have more visibility on what is happening on the endpoints.

We have two customers who are using this solution currently.

SH
Manager Information Technology at Avendus

So far, we have only done a PoC of Palo Alto Traps. We deployed Traps on a few devices and then did the PoC. I also attend a workshop for Palo Alto Traps. I learned how it works and how it can block malicious files, etc.

EA
Senior Business Development Manager at a tech services company with 201-500 employees

It is used as a device that can detect any issues and changes when people are not at work. In one case, we use it when someone is not at work or has already used their allotted time off. This helps us understand any issues that may arise when someone is not at work, which could lead to changes in the way we work.

KF
Lead Security Engineer at ESKA

Cortex XDR is used for endpoint detection and response. This is software placed into endpoints, and it works in the cloud. The cloud has the analytics, login, prevention models, et cetera.

AA
Senior Information Security Architect at a tech services company with 201-500 employees

I primarily use this solution for my clients. I don't use the solution myself.

MJ
CIO/CTO at a manufacturing company with 501-1,000 employees

We primarily use the solution for our endpoint server and endpoint protection.

JN
Manager of InfoSec at Joann Fabrics
TS
Security consultant at a computer software company with 1,001-5,000 employees

We use this solution to protect our computer system against threats, such as exploits and malware.

MJ
Senior Security Consultant at a tech services company with 201-500 employees

We use this solution specifically in endpoint response, endpoint detection, endpoint sandboxing, and as a firewall.

MA
Network and security engineer at a tech services company with 11-50 employees

I'm testing the product right now. I use the solution for endpoint security.

SA
CyberSecurity Consultant at Information Technology Solutions- ITS

I have deployed some customized playbooks and modified ones which are out-of-the-box with more integration with SIEM solutions such as ArcSight, QRadar, ADRs and Trend Micro.

CB
Senior System Administrator at a government with 10,001+ employees

We use Palo Alto Traps in our Windows-based environments. Currently, it only protects our desktops and we use it in conjunction with our Check Point firewall.

AA
Relationship Manager at a financial services firm with 5,001-10,000 employees

We use it for malicious connections from malicious websites. There might also be some payloads that might be inside the traffic. We also use it to identify malicious processes or bugs that are running on the network and any activities that tend to lead to data infiltration.

KS
Security Engineer at a tech services company with 11-50 employees

We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than a simple virus scan to prevent malicious activities. We also use it to go in and whitelist things that are okay. This way, they won't get blocked.

HS
IT manager at a computer software company with 11-50 employees

I use it for visibility, mitigation, and analysis of advanced threat attacks.

AC
General manager at a tech services company with 201-500 employees

I use the solution for endpoint protection.

RP
Network and Cybersecurity Consultant at a tech services company with 11-50 employees

We're primarily a Palo Alto shop, and we integrate solutions in the Palo Alto ecosystem. But for firewalls and threat hunting, it's all through Cortex XDR. We also complement the Cortex XDR product with other endpoint protection solutions, like Windows Defender, or whatever the customer is using.

AB
IT Director at an energy/utilities company with 1,001-5,000 employees

We had firewalls set up and it integrated but didn't meet with our regulations.

We were using this solution for endpoint protection.

DS
Consultant at a tech services company with 501-1,000 employees

We mainly use it for endpoint protection, exploit prevention, and malware prevention. 

RN
Lead Consultant at a tech services company with 1-10 employees

We are a solution provider and one of the Palo Alto products that we implement for our clients is Cortex XDR (Extended Detection and Response).

It is also known as Traps, and it is mostly used for endpoint protection. For example, when remote users want to connect to their organization using a VPN, they will be protected.

PC
Pre-sales engineer at a tech services company with 51-200 employees

We are using it for a banking client.

FD
ISEC Unit Manager at a tech services company with 11-50 employees

We have deployed Cortex XDR for a couple of clients in manufacturing.

CT
Ingeniero de Soporte at a tech services company with 11-50 employees

We deploy this solution in universities and banks because it's private. Our company is a private company.
