New Cortex Xpanse features and enhancements in release 2.10 (July 2025).
The table below describes the features and enhancements introduced in the Cortex Xpanse Expander 2.10 (July 2025) release.
Note
Cortex Xpanse typically upgrades customers over a three-week time frame. Contact customer success to find out your specific upgrade date.
Feature | Description |
|---|---|
Dynamic Protocol Detection for 65k Ports | Now all 65k IPv4 ports will undergo dynamic port protocol detection, resulting in improved service discovery. This will be released by the end of July for all customers. |
Integrated Attack Surface Testing | Gain immediate visibility and decisive insights into confirmed exploitability for emerging vulnerabilities, now available in a unified view within the Threat Response Center. |
New post-compromise detections | Expand detection coverage for Ransomware activity, Cryptojacking, and Webshells to deliver an additional layer of defense and identify ongoing attacks and potential lateral movement by attackers. |
Provided and Discovered Attribution Reasons | Provided and Discovered tags will now be listed as Attribution Reason (AR) tags, instead of the previous Asset Tags and IPR Tags. These tags will be applied automatically and are not modifiable. At this time, assets uploaded through the in-product feature will not receive the new AR tags. |
New attack surface rules | Enable users to identify internet-facing applications that leak full or partial credential information. |
Improved user record management | Only users with at least one role or user group assigned are saved to Cortex Gateway, ensuring that the Gateway contains only relevant user data. This enhances data security and system efficiency. |