Palo Alto Networks: Cortex XSIAM: Security Operations, Integration and Automation
- Código del Curso PAN-CXSIAMSOIA
- Duración 3 días
Otros Métodos de Impartición
Salta a:
Método de Impartición
Este curso está disponible en los siguientes formatos:
-
Cerrado
Cerrado
-
Clase de calendario
Aprendizaje tradicional en el aula
-
Aprendizaje Virtual
Aprendizaje virtual
Solicitar este curso en un formato de entrega diferente.
Temario
Parte superiorDesigned to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and engineering roles, to use XSIAM.
XSIAM is the industry's most comprehensive security incident and asset management platform, offering extensive coverage for securing and managing infrastructure, workloads, and applications across multiple environments.
Calendario
Parte superiorDirigido a
Parte superiorObjetivos del Curso
Parte superiorThis course is designed to enable you to:
- Describe how endpoint agents, XDR collectors, NGFWs, and Broker VMs secure networks and devices.
- Query and analyze logs using XQL for data ingestion and detection.
- Configure Threat Intel Management features, automate workflows, and apply EDLs and indicator rules.
The course reviews XSIAM intricacies, from fundamental components to advanced strategies and techniques, including skills needed to configure security integrations, develop automation workflows, manage indicators, and optimize dashboards for enhanced security operations.
Contenido
Parte superiorCourse Modules
- Course Overview
- Overview of Cortex XSIAM
- Software Components
- XQL
- Detection Engineering
- Integrations
- Automation
- Threat Intel Management
- Attack Surface Management
- UI Customizations
Pre-requisitos
Parte superior- Participants should have foundational understanding of cybersecurity principles and experience with analyzing incidents and using security tools for investigation.