Cortex XDR is an extended detection and response platform that combines endpoint protection with threat detection and response capabilities. The platform uses AI and automation to detect threats across endpoints and reduce alert volume. The product provides endpoint security through prevention and detection mechanisms, tested in MITRE ATT&CK evaluations with reported 100% detection rates and zero prevention false positives. It includes endpoint detection and response (EDR) functionality with behavioral analysis and threat hunting capabilities. Cortex XDR integrates data from multiple security sources to provide visibility across the attack surface. The platform uses machine learning models to identify threats and correlate security events. It includes automated response capabilities to contain and remediate detected threats. The solution offers managed detection and response (MDR) services through Unit 42, providing 24/7 monitoring and incident response support. Additional managed services include threat hunting, incident response, and cyber risk management. The platform includes investigation tools for security analysts to examine alerts and incidents. It provides dashboards and reporting features for security operations teams. The system aims to reduce false positives and consolidate alerts to improve SOC efficiency. Cortex XDR supports deployment across cloud, on-premises, and hybrid environments. It includes protection for Windows, Linux, macOS, and mobile endpoints.