Cortex XDR Agent is installed on all endpoints in your organization. It works in conjunction with the Cortex XDR platform to monitor and protect these endpoints from a wide range of security threats. The agent collects endpoint telemetry data and sends it to Cortex XDR, where it is analyzed for suspicious activities, indicators of compromise, and potential security incidents. The Cortex XDR agent plays a crucial role in providing real-time visibility into endpoint activity, detecting and blocking malware, analyzing endpoint behavior for signs of compromise, and facilitating response actions. It helps security teams identify and respond to threats effectively, minimizing the risk of data breaches and unauthorized access.
This guide explains the installation and configuration procedures for Cortex XDR Agent setup and operation on three operating systems: Windows, macOS, and Linux. Additional guides are available for agent installation and operation on Android and iOS devices.
For compatibility with operating systems per agent release version, see the Cortex XDR Compatibility Matrix.
With the Cortex XDR release, agent features are released on specific agent versions. For feature support, known and addressed issues, and changes to default behavior by Cortex XDR agent version, see the Cortex XDR Agent Releases.