By hardening your endpoints with Cortex XDR you can make these endpoints more secure and safer from attackers.
Cortex XSIAM enables you to extend the security on your endpoints beyond the Cortex XDR agent built-in prevention capabilities to provide increased coverage of network security within your organization. By leveraging existing mechanisms and added capabilities, the Cortex XDR agent can enforce additional protections on your endpoints to provide a comprehensive security posture.
From
→ → → , you can create profiles for the following hardened endpoint security capabilities.Host Inventory (Cortex XDR Pro)
Vulnerability Assessment (Cortex XDR Pro)
The Extensions Profiles table lists the profile details per operating system. Profiles associated with one or more targets that are beyond your defined user scope are locked and cannot be edited.
Field | Description |
---|---|
Associated Targets | The targets associated with the profile. |
Created By | Administrative user who created the profile. |
Created Time | Date and time at which the profile was created. |
Description | Optional description entered by an administrator to describe the profile. |
Modification Time | Date and time at which the profile was modified. |
Modified By | Administrative user who modified the profile. |
Name | Name provided to identify the security profile. |
Platform | Platform type of the profile. |
Summary | Summary of profile configuration. |
Type | Profile type. |
Usage Count | Number of policy rules that use the profile. |
To apply the profiles, from
→ → → , you can view all the policy rules per operating system. Rules associated with one or more targets that are beyond your defined user scope are locked and cannot be edited.The following table describes for each capability the supported platforms and minimal agent version. A dash (—) indicates the setting is not supported.
Caution
Hardened endpoint security capabilities are not supported for Android endpoints.
Module | Windows | Mac | Linux |
---|---|---|---|
Device Control Protects endpoints from loading malicious files from USB-connected removable devices (CD-ROM, disk drives, floppy disks, and Windows portable devices drives). | Cortex XDR agent 7.0 and later For VDI, Cortex XDR agent 7.3 and later | Cortex XDR agent 7.2 and later | — |
Host Firewall Protects endpoints from attacks originating in network communications to and from the endpoint. | Cortex XDR agent 7.1 and later | Cortex XDR agent 7.2 and later | — |
Disk Encryption Provides visibility into endpoints that encrypt their hard drives using BitLocker or FileVault. | Cortex XDR agent 7.1 and later | Cortex XDR agent 7.2 and later | — |
Host Inventory Provides full visibility into the business and IT operational data on all your endpoints. | Cortex XDR agent 7.1 and later | Cortex XDR agent 7.1 and later | Cortex XDR agent 7.1 and later |
Vulnerability Assessment Identifies and quantifies the security vulnerabilities (CVEs) that exist for applications installed on your endpoints. | Cortex XDR agent 7.1 and later | — | Cortex XDR agent 7.1 and later |