Course overview
About this course
This course dives deep into the operational power of Cortex XSIAM, Palo Alto Networks’ comprehensive security incident and asset management platform. Through a blend of lectures and hands-on labs, cybersecurity professionals will gain practical experience in using XSIAM to secure and streamline their environments. Topics include XQL-based log analysis, integration of threat intel feeds, automation of incident workflows, and customization of dashboards for enhanced visibility and response.
Audience profile
This course is intended for SOC/CERT/CSIRT/XSIAM engineers and managers, MSSPs and service delivery partners/system integrators, internal and external professional services consultants and sales engineers, and SIEM and automation engineers.
At course completion, you will be able to:
- Explain how endpoint agents, XDR collectors, NGFWs, and Broker VMs secure networks and devices.
- Query and analyze logs using XQL for data ingestion and detection.
- Configure Threat Intel Management features, automate workflows, and apply EDLs and indicator rules.
Course details
0. Course Overview
1. Overview of Cortex XSIAM
2. Software Components
3. XQL
4. Detection Engineering
5. Integrations
6. Automation
7. Threat Intel Management
8. Attack Surface Management
9. UI Customizations
Prerequisites
Participants should have a foundational understanding of cybersecurity principles and experience with analyzing incidents and using security tools for investigation.
Enquiry
Course: Cortex XSIAM: Security Operations, Integration, and Automation