Palo Alto Networks: Cortex XSIAM: Security Operations, Integration and Automation
- Course Code PAN-CXSIAMSOIA
- Duration 3 days
Course Delivery
Jump to:
Course Delivery
This course is available in the following formats:
-
Public Classroom
Traditional Classroom Learning
Request this course in a different delivery format.
Course Overview
TopDesigned to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and engineering roles, to use XSIAM.
XSIAM is the industry's most comprehensive security incident and asset management platform, offering extensive coverage for securing and managing infrastructure, workloads, and applications across multiple environments.
Course Schedule
TopTarget Audience
TopCourse Objectives
TopThis course is designed to enable you to:
- Describe how endpoint agents, XDR collectors, NGFWs, and Broker VMs secure networks and devices.
- Query and analyze logs using XQL for data ingestion and detection.
- Configure Threat Intel Management features, automate workflows, and apply EDLs and indicator rules.
The course reviews XSIAM intricacies, from fundamental components to advanced strategies and techniques, including skills needed to configure security integrations, develop automation workflows, manage indicators, and optimize dashboards for enhanced security operations.
Course Content
TopCourse Modules
- Course Overview
- Overview of Cortex XSIAM
- Software Components
- XQL
- Detection Engineering
- Integrations
- Automation
- Threat Intel Management
- Attack Surface Management
- UI Customizations
Course Prerequisites
Top- Participants should have foundational understanding of cybersecurity principles and experience with analyzing incidents and using security tools for investigation.