Search
START TYPING AND PRESS ENTER TO SEARCH
Image

Cortex XSIAM for Security Operations and Automation (EDU-270)

Palo Alto Networks
XSIAM is the industry's most comprehensive security incident and asset management platform, offering extensive coverage for securing and managing infrastructure, workloads, and applications across multiple environments. Throughout this course, you will explore the key features of Cortex XSIAM. This course is designed to enable you to:

Deploy, configure, and install XDR agents and configure Agent Groups and profiles
Investigate incidents, examine assets and artifacts, and understand the causality chain
Create correlation rules, use XQL to query logs, and analyze incidents using available tools and resources

Who should attend:

SOC/CERT/CSIRT/XSIAM engineers and managers, MSSPs and service delivery partners/system integrators, internal and external professional-services consultants and sales engineers, incident responders and threat hunters.

Cortex XSIAM for Security Operations and Automation (EDU-270) Objectives

  • The course is designed to enable cybersecurity professionals particularly those in SOC/CERT/CSIRT and Security Engineering roles to use XSIAM. The course reviews XSIAM intricacies from fundamental components to advanced strategies and automation techniques including skills needed to navigate incident handling optimize log sources and orchestrate cybersecurity excellence.

Need Assistance Finding the Right Training Solution

Our Consultants are here to assist you
Arrange a consultation

Key Point of Training Programs

  • Cortex XSIAM for Security Operations and Automation (EDU-270) Outline

    1 - Introduction to Cortex XSIAM
    2 - Elements of Security Operations
    3 - Maturity Model
    4 - Agent Deployment and Configuration
    5 - Data Source Ingestion
    6 - Visibility
    7 - Data Model
    8 - Analytics
    9 - Alerting and Detecting
    10 - Attack Surface Management
    11 - Automation
    12 - Incident Handling / SOC

  • Cortex XSIAM for Security Operations and Automation (EDU-270) Course Format

    Live Virtual Course

  • Cortex XSIAM for Security Operations and Automation (EDU-270) Prerequisites

    Participants must be familiar with enterprise product deployment, networking, and security concepts.

    Have a Question About This Course?