Get started with the Cortex XDR management console interface.
Cortex XDR provides an easy-to-use interface that you can access from the hub. When you log in to the Cortex XDR management console, you see your default dashboard. If you haven’t customized the dashboard or changed the default, you see the Incident Management Dashboard.
Each SAML login session is valid for 8 hours.
In addition to your main dashboard, and depending on your assigned role, you can explore the menus for other features, as detailed in the following table.
Dashboard & Reports
From the Dashboard & Reports menu you can view and manage your dashboards and reports from the dashboard and incidents table, and view alert exclusions.
From the Incident Response menu, you can view, manage, investigate and take action on all incidents.
From the Endpoints menu, you can manage your registered endpoints and configure policy.
Open an in-context shortcut that you can use to search for information, perform common investigation tasks, or initiate response actions from any place in the Cortex XDR console.
From the Settings menu, you can view information about your Cortex XDR license, review logs of actions initiated by Cortex XDR analysts, and configure Cortex XDR settings, integrations with other apps and services, and access management.
View and switch to tenants to which you have access to, divided per CSP account. You can also navigate directly to the Cortex Gateway.
View Cortex XDR notifications.
From the User, see who is logged into Cortex XDR . Right click and select: