---
title: 'Palo Alto Cortex XDR: New incident detected'
description: Datadog, the leading service for cloud-scale monitoring.
---

# Palo Alto Cortex XDR: New incident detected

{% alert level="danger" %}
This rule is part of a beta feature. To learn more, [contact Support](https://docs.datadoghq.com/help/).
{% /alert %}

Classification: attack

Tactic: [TA0002-execution](https://attack.mitre.org/tactics/TA0002)

Technique: [T1059-command-and-scripting-interpreter](https://attack.mitre.org/techniques/T1059)

## Goal{% #goal %}

Monitor and respond to new incidents generated by Palo Alto Cortex XDR.

## Strategy{% #strategy %}

Trigger notifications for any new incident generated by Palo Alto Cortex XDR. See [Triage Incidents](https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Triage-Incidents) in the Cortex Help Center for more information.

## Triage and response{% #triage-and-response %}

1. Investigate the new incident's details at `{{@xdr_url}}`, focusing on the severity level `{{@severity}}`.
1. Notify the appropriate team for further analysis.
1. Adhere to organizational protocols to effectively address and mitigate the incident's impact.
