Forrester names Palo Alto Networks a Leader in XDR.

Recognized for a high-quality analyst experience and dedication to innovation.

CORTEX XDR

Palo Alto Networks recognized by Gartner® as a Leader in EPP.

With Cortex XDR, Palo Alto Networks was named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms.

Break free from legacy endpoint solutions.

With the Cortex® platform offer for endpoint security.

Unbiased Testing. Unbeatable Results.

ONLY Cortex Delivers 100% Protection and Detection in MITRE Engenuity


The Resilient SOC

Essential Reading for CISOs


Why Cortex XDR

Stop attacks with full visibility and analytics


Sit back, relax and let Cortex XDR protect you

  • COMPLETE ENDPOINT SECURITY

    Safeguard your endpoints with NGAV, host firewall, disk encryption and USB device control.
  • ML-DRIVEN THREAT DETECTION

    Find hidden threats like insider abuse, credential attacks, malware and exfiltration using behavioral analytics.
  • INCIDENT MANAGEMENT

    Cut investigation time with intelligent alert grouping. Incident scoring lets you focus on the threats that matter.
  • AUTOMATED ROOT CAUSE ANALYSIS

    Swiftly verify threats by reviewing the root cause, sequence of events, intelligence and investigative details all in one place.
  • DEEP FORENSICS

    Conduct deep internal and regulatory investigations, even if endpoints are not connected to the network.
  • FLEXIBLE RESPONSE

    Block fast-moving attacks, isolate endpoints, execute scripts and sweep across your entire environment to contain threats in real time.
  • EXTENDED THREAT HUNTING

    Conduct more granular and advanced threat hunting operations in your security environment using extended data collection and analysis.

Deeper visibility to enable advanced threat hunting

Take a proactive stance against advanced threats. The eXtended Threat Hunting (XTH) Data Module enhances visibility and data collection by Cortex XDR. This empowers SecOps to prevent and detect threats faster — and with more precision.

  • Unlock additional analytics and machine learning detectors.

  • Sharpen the ability to identify, prevent and block complex attacks.

  • Proactively hunt with advanced analytics and behavioral models.

  • Identify causality links between attacker actions and affected entities.

Best-in-class coverage for stealthy identity threats

Protect your organization without slowing down the business. The new advanced Identity Threat Detection and Response Module from Cortex XSIAM and XDR® provides best-in-class coverage for stealthy identity threat vectors, including compromised accounts and insider threats.

  • Make decisions faster with enhanced views of your organization’s risk posture

  • Gain forensic-level visibility into the asset to easily uncover hidden threats

  • Automate and customize the continuous analysis of user and host activities

  • Swiftly triage and investigate alerts with precise profile information

Tested. Reviewed. Proven.

Exceptional test results and praise from analysts and customers make it easy to trust Cortex XDR.

HIGHLIGHT REEL

2023 MITRE ATT&CK Evaluations.

Watch our MITRE highlight reel for an in-depth breakdown and see how Cortex XDR® surpassed 29 other vendors in combating Turla.

    Drive better security outcomes

    Accelerate threat response, streamline operations and increase SOC productivity with Cortex XDR.

    Break the attack lifecycle

    1. Drops the malicious file: Blocked with Local Analysis, Yara rules, Behavioral Threat Protection and WildFire

    2. Disables volume shadow copy: Blocked with Behavioral Threat Protection

    3. Modifies the registry: Detected with Analytics

    4. Extracts EaseUS drivers: Blocked with Behavioral Threat Protection

    5. Enumerates files and corrupts partition information: Blocked with Behavioral Threat Protection

    Cortex XDR stops the most advanced threats, including Russia-Ukraine cyber activity and the SolarWinds supply chain attack as well as Log4Shell, SpringShell, and PrintNightmare vulnerability exploits. For an interactive demo, see the Log4j incident response simulation.

    See how Cortex XDR beats the competition

    • CrowdStrike
    • Cybereason
    • Microsoft XDR
    • SentinelOne
    • Trend Micro
    • VMware XDR

    Two powerful offerings. Comprehensive protection.

    CORTEX XDR PREVENT

    • ✓ Next-Generation Antivirus: Block malware, ransomware, exploits and fileless attacks
    • ✓ Endpoint Protection: Safeguard endpoints with device control, firewall and disk encryption
    • Detection and Response: Pinpoint attacks with AI-driven analytics and coordinate response
    • Managed Detection and Response: Let Unit 42® experts work for you 24/7 to detect and respond to threats
    • Identity Threat Detection and Response: Detect and respond to identity threats like compromised accounts and malicious insiders
    • Host Insights: Find vulnerabilities and sweep across endpoints to eradicate threats
    • Forensics: Investigate incidents swiftly with comprehensive forensics evidence
    • eXtended Threat Hunting: Deep endpoint telemetry to support advanced threat hunting operations
    • WildFire analysis included; additional feeds optional

    CORTEX XDR PRO

    • ✓ Next-Generation Antivirus: Block malware, ransomware, exploits and fileless attacks
    • ✓ Endpoint Protection: Safeguard endpoints with device control, firewall and disk encryption
    • ✓ Detection and Response: Pinpoint attacks with AI-driven analytics and coordinate response
    • Managed Detection and Response: Let Unit 42® experts work for you 24/7 to detect and respond to threats
    • Identity Threat Detection and Response: Detect and respond to identity threats like compromised accounts and malicious insiders
    • Host Insights: Find vulnerabilities and sweep across endpoints to eradicate threats
    • Forensics: Investigate incidents swiftly with comprehensive forensics evidence
    • eXtended Threat Hunting: Deep endpoint telemetry to support advanced threat hunting operations
    • WildFire analysis included; additional feeds optional

    Unrivaled innovation to outpace attackers

    Maximize ROI by boosting SOC efficiency

    • Eliminate siloed tools for a more efficient SOC

    • Reduce setup, tuning and operating costs with cloud-delivered services and out-of-the-box detection

    • Cut the cost of attacks with better protection and faster response

    Maximize ROI by consolidating your operations

    Trusted by companies worldwide

    FEATURED CASE STUDY

    State of North Dakota unifies security and filters out the noise with Cortex XDR