Add a Malware Security Profile (Administrator Task) - Administrator Guide - 8.1 - Cortex XDR - Cortex XDR Agent - Advanced Endpoint Protection - Cortex - Security Operations

Cortex XDR Agent iOS App

Cortex XDR
Cortex XDR Agent
Creation date
Last date published
Administrator Guide

Malware security profiles allow you to configure the actions Cortex XDR agents take when they detect known malicious URLs or spam numbers.

By default, the Cortex XDR agent will receive the default profile that contains a predefined configuration for each malware protection capability supported by the platform.

  1. Add a new profile.

    1. From the Cortex XDR tenant, select Endpoints Policy ManagementPreventionProfiles+ Add Profile and select whether to Create New or Import from File a new profile.


      New imported profiles are added, not replaced.

    2. Select iOS, and then the Malware profile type.

    3. Click Next.

  2. Configure the Malware profile.

    1. Enter a meaningful Profile Name and a description.

    2. Configure SMS, MMS and Safari Malicious URL Filtering by adding allowed URLs to the Allow List, and by adding known malicious URLs to the Block List.

    3. Configure reporting of spam calls and messages to XDR analysts by selecting a Spam Report option.

    4. Configure Call and Messages Blocking by adding allowed numbers to the Allow List, and known spam numbers to the Add Known Spam Numbers list.


      Ensure that the same numbers are not added multiple times with different leading zeros.

  3. Create the profile.

  4. Assign the profile to a Prevention Policy Rule. Select Endpoints Policy ManagementPreventionPolicy Rules.

    1. Do one of the following:

      • To create a new policy or import a policy, click +Add Policy and select whether to Create New or Import from File. Enter a meaningful Policy Name and Description.

      • Edit an existing policy rule.


      New imported policies are added, not replaced.

    2. For Platform, select iOS, and then for Malware, select the profile that you created.

    3. Click Next.

    4. Select the iOS devices to which you want to assign the policy.

    5. Click Done.