Which two methods does the Cortex XDR agent use to identify malware during a scheduled scan?

The identification of malware during a scheduled scan by the Cortex XDR agent leverages both WildFire hash comparison and signature comparison methods.

WildFire hash comparison involves checking files against a database of known malware hashes that have been analyzed and categorized by the WildFire service. This allows for swift identification of files that are recognized as malicious based on their unique hash values.

Signature comparison, on the other hand, analyzes the characteristics or patterns of files against a repository of known malware signatures. This method is effective in detecting malware that matches specific patterns or attributes associated with previously identified threats.

Together, these methods provide a robust mechanism for detecting malware efficiently during scheduled scans, ensuring that both known malware and variations of those threats can be quickly identified and addressed.