Palo Alto Networks: Cortex XSIAM: Security Operations, Integration and Automation
- Course code: PAN-CXSIAMSOIA
- Duration: 3 days
Method
This training is available in the following formats:
- Classroom training
- On customer premises
- Virtual learning
Course description
This course is designed to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and engineering roles, to use XSIAM.
XSIAM is the industry's most comprehensive security incident and asset management platform, offering extensive coverage for securing and managing infrastructure, workloads, and applications across multiple environments.
Virtual Learning
This interactive training is delivered by a trainer and can be taken from any location, such as your office or home. No delegates are in the classroom with the instructor; all delegates are connected virtually. Virtual delegates do not travel to this course. Global Knowledge will send you all the information needed before the start of the course, and you can test the logins.
Target audience
Course objectives
This course is designed to enable you to:
- Describe how endpoint agents, XDR collectors, NGFWs, and Broker VMs secure networks and devices.
- Query and analyze logs using XQL for data ingestion and detection.
- Configure Threat Intel Management features, automate workflows, and apply EDLs and indicator rules.
The course reviews XSIAM intricacies, from fundamental components to advanced strategies and techniques, including skills needed to configure security integrations, develop automation workflows, manage indicators, and optimize dashboards for enhanced security operations.
Course content
Course Modules
- Course Overview
- Overview of Cortex XSIAM
- Software Components
- XQL
- Detection Engineering
- Integrations
- Automation
- Threat Intel Management
- Attack Surface Management
- UI Customizations
Prerequisites
- Participants should have a foundational understanding of cybersecurity principles and experience with analyzing incidents and using security tools for investigation.