Palo Alto Networks: Cortex XSIAM: Security Operations, Integration and Automation
- Kursuskode PAN-CXSIAMSOIA
- Varighed 3 dage
Leveringsmetoder
Go to:
Leveringsmetoder
Kurset er tilgængeligt i følgende formater:
-
Åbent kursus
Traditionel klasserumsundervisning
Anmod om dette kursus Med en anden leveringsløsning
Beskrivelse
ToppenDesigned to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and engineering roles, to use XSIAM.
XSIAM is the industry's most comprehensive security incident and asset management platform, offering extensive coverage for securing and managing infrastructure, workloads, and applications across multiple environments.
Kursusdato
ToppenMålgruppe
ToppenKursets formål
ToppenThis course is designed to enable you to:
- Describe how endpoint agents, XDR collectors, NGFWs, and Broker VMs secure networks and devices.
- Query and analyze logs using XQL for data ingestion and detection.
- Configure Threat Intel Management features, automate workflows, and apply EDLs and indicator rules.
The course reviews XSIAM intricacies, from fundamental components to advanced strategies and techniques, including skills needed to configure security integrations, develop automation workflows, manage indicators, and optimize dashboards for enhanced security operations.
Kursusindhold
ToppenCourse Modules
- Course Overview
- Overview of Cortex XSIAM
- Software Components
- XQL
- Detection Engineering
- Integrations
- Automation
- Threat Intel Management
- Attack Surface Management
- UI Customizations
Forudsætninger
Toppen- Participants should have foundational understanding of cybersecurity principles and experience with analyzing incidents and using security tools for investigation.