Set up Managed Threat Hunting

Cortex XDR Pro Administrator Guide

Product: Cortex XDR
License: Pro
Creation date: 2024-02-26
Last date published: 2024-04-14
Category: Administrator Guide

Abstract

Get started with the Managed Threat Hunting service, an add-on security service provided with Cortex XDR.

To get started with Managed Threat Hunting:

  1. Open the Cortex XDR tenant and approve the pairing request sent to your tenant.

    1. Navigate to Notifications and locate the Request for Pairing notification.

    2. Select Approve and then Yes to confirm.

      After the request is approved, Cortex XDR displays the Managed Threat Hunting label at the top of the page.

  2. Configure notification emails for the impact reports and threat inquiries you want to send.

    1. Select Settings → Configurations → Managed Services.

    2. Enter one or more email addresses to which you want to send reports and inquiries, and ADD each one.

    3. Save your changes.

  3. Test the email configuration: go to the mailbox of the email address you defined and locate the Welcome to the Palo Alto Networks Cortex XDR Managed Threat Hunting Service email. If you did not receive the email, contact Customer Support.

  4. (Optional) Forward Managed Threat Hunting alerts to external sources such as email or Slack from the Settings → Configurations → General → Notifications page.

    This forwards the alert and the detailed report in PDF format.