The Cortex XDR agent protects Windows endpoints by preventing known and unknown malware from running on those endpoints and by halting any attempts to leverage software exploits and vulnerabilities. The also agent enforces security policy for organization as defined in Cortex XDR. When a security event occurs on an endpoint, the agent collects forensic information about that event that you can use to analyze the incident. This is going to become a required install on all corporate endpoints.
The Cortex XDR agent installs in the C:\Program Files (x86)\Palo Alto Networks\Traps folder.
Intune Installer
Windows
Current version: 7.8.1.11343 (Oct 2022)
Install command: msiexec /i "Cortex781_Win_x64.msi" /qn ENDPOINT_TAGS="Ring2"
Uninstall command: msiexec /x "{6615BDE5-D3F8-4409-BC8B-0D3526EEF053}" /qn
MacOS
Work in progress.
Additional Resources