Malware security profiles allow you to configure the actions Cortex XDR agents take when they detect known malicious URLs or spam numbers.
By default, the Cortex XDR agent will receive the default profile that contains a predefined configuration for each malware protection capability supported by the platform.
Add a new profile.
From the Cortex XDR tenant, select → → → → and select whether to Create New or Import from File a new profile.
Note
New imported profiles are added, not replaced.
Select iOS, and then the Malware profile type.
Click Next.
Configure the Malware profile.
Enter a meaningful Profile Name and a description.
Configure SMS, MMS and Safari Malicious URL Filtering by adding allowed URLs to the Allow List, and by adding known malicious URLs to the Block List.
Configure reporting of spam calls and messages to XDR analysts by selecting a Spam Report option.
Configure Call and Messages Blocking by adding allowed numbers to the Allow List, and known spam numbers to the Add Known Spam Numbers list.
Note
Ensure that the same numbers are not added multiple times with different leading zeros.
Create the profile.
Assign the profile to a Prevention Policy Rule. Select
→ → → .Do one of the following:
To create a new policy or import a policy, click +Add Policy and select whether to Create New or Import from File. Enter a meaningful Policy Name and Description.
Edit an existing policy rule.
Note
New imported policies are added, not replaced.
For Platform, select iOS, and then for Malware, select the profile that you created.
Click Next.
Select the iOS devices to which you want to assign the policy.
Click Done.