Set up endpoint protection - Administrator Guide - Cortex XSIAM - Advanced Endpoint Protection - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-05-22
Category
Administrator Guide
Abstract

Learn how to set up profiles, policies, and other settings for endpoint protection, how to install Cortex XDR agent on endpoints, and how to manage them after installation.

Endpoint protection starts with the Cortex XDR agent that is installed on each endpoint in your environment. The agent package that you install on endpoints contains many settings that are configured by default, out-of-the-box, to enable you to get protection up and running quickly. However, these settings can also be modified and used in different combinations, by using profiles, which are then mapped to policies, and by configuring global settings.

Several endpoint management tasks can be performed remotely by administrators, from Cortex XSIAM. These include tasks such as applying tags and aliases to endpoints, upgrading the Cortex XDR agent, uninstalling and deleting the Cortex XDR agent, and more.