Cortex XDR uses an Analytics Engine to examine logs and data from your sensors.
Analytics uses the Analytics Engine, sensors, and rules to keep your network safe.
Safeguarding your network requires a defense-in-depth strategy which utilizes current and patched software and hardware to keep unwanted users out of the network. Most available strategies are designed to stop intrusion attempts at the network perimeter, defending only against known threats. For example, systems scanning for malicious software rely on previously identified MD5 signature databases. However, attackers constantly modify virus signatures to circumvent virus scanners. Your network defense-in-depth strategy must include software and processes designed to detect and respond to intruders that may have already penetrated your systems.
Cortex XDR efficiently and automatically identifies abnormal activity on your network, while providing you with the exact information you need to rapidly evaluate, isolate and remove potential threats.