Palo Alto Networks Cortex XDR
- 01 Feb 2023
- 1 Minute to read
- DarkLight
Palo Alto Networks Cortex XDR
- Updated on 01 Feb 2023
- 1 Minute to read
- DarkLight
Article Summary
Share feedback
Thanks for sharing your feedback!
The Cortex XDR integration enables you to scan endpoints, upload IOCs, manage incidents, and validate API keys as part of Torq workflows.
Create an XDR API key
When you create an XDR API key, you'll need to copy and save several items that you'll need later for configuring an XDR integration in Torq.
- API key
- API key ID
- Cortex XDR URL
- In your XDR portal, go to Settings > Configurations.
- Expand the configuration panel, go to Integrations > API Keys, and click the + New Key button.
- Configure the API key and click Save. Make sure you copy the API key and save it.
- Security Level: Standard
- Role: All Torq steps can be used with the Investigation Admin role.
- Comment: a short description of what this key will be used for.
- In the table, locate the API key you created and make note of the ID.
- In the top-right corner, click Copy URL.
Create a Cortex XDR integration in Torq
- Go to the Integrations page, locate the Cortex XDR card, and click Add.
- Fill in the fields with the values you copied earlier.
- Integration name
- Cortex XDR API Key
- Cortex XDR API ID
- Cortex XDR Base URL (https://api-fqdn) for example: https://api-<company-name>.xdr.us.paloaltonetworks.com
Was this article helpful?