You can manage the security profiles of your Cortex XDR agent endpoints in various ways, including editing, duplicating, and populating security rules.
After you customize your Endpoint Security Profiles, you can manage these profiles from the Profiles page as needed.
View information about your security profiles.
The following table displays the fields that are available on the Profiles page in alphabetical order. The table includes both default fields and additional fields that are available in the column manager.
The targets the profile applies to.
Administrative user who created the security profile.
Date and time at which the security profile was created.
Optional description entered by an administrator to describe the security profile.
Date and time at which the security profile was modified.
Administrative user who modified the security profile.
Name provided to identify the security profile.
Platform type of the security profile.
Summary of security profile configuration.
Security profile type.
Number of policy rules that use the profile.
Edit a security profile.
From Edit.→ → → , right-click the security profile and select
Make your changes and then Save the security profile.
From Export Profile.→ → → , right-click the security profile and select
Verify the profile you want to export.
New imported profiles are added and not replaced.
Duplicate a security profile.
From Save as New.→ → → , right-click the security profile and select
Make your changes and then Create the security profile.
View the security policy rules that use a security profile.
From View policy Rules.→ → → , right-click the security profile and select
Cortex XDR displays the policy rules that use the profile.
Populate a new policy rule with a security profile.
From Create a new policy rule using this profile.→ → → , right-click the security profile and
Cortex XDR automatically populates the Platform selection based on your security profile configuration and assigns the security profile based on the security profile type.
Enter a descriptive Policy Name and optional description for the policy rule.
Assign any additional security profiles that you want to apply to your policy rule, and select Next.
Select the target endpoints for the policy rule or use the filters to define criteria for the policy rule to apply, and then select Next.
Review the policy rule summary, and if everything looks good, select Done.
Delete a security profile.
If necessary, delete or detach any policy rules that use the profile before attempting to delete it.
From→ → → , identify the security profile that you want to remove.
The Usage Count should have a
Right-click the security profile and select Delete.
Confirm the deletion and you are done.