Investigate files - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-10-13
Category
Administrator Guide

You can take actions to manage and investigate files, including:

  • Manage file execution on your endpoints by adding file hashes to your allow and block lists.

  • Quarantine files and manage the files automatically quarantined by Cortex XSIAM.

  • Review the file verdict and the WildFire Analysis Report for a file.

  • Import hashes from the Endpoint Security Manager or from external feeds.