Who should attend
SOC/CERT/CSIRT/XDR engineers and managers, MSSPs and service delivery partners/system integrators, security consultants and sales engineers.
Prerequisites
Attendees should possess a solid understanding of cybersecurity principles, including network and endpoint security concepts.
Course Objectives
This course is designed to enable you to:
- Describe the role of Cortex XDR components, including endpoint agents, XDR collectors, NGFWs, and Broker VMs, in securing networks and devices.
- Utilize XQL to query and analyze logs for effective data ingestion and threat detection.
- Design and implement workflows to streamline security operations.
- Apply External Dynamic Lists and indicator rules to enforce security policies.
Course Content
Course Modules:
- 0 - Course Overview
- 1 - Overview of Cortex XDR
- 2 - Software Components
- 3 - Integrations
- 4 - XQL
- 5 - Detection Engineering
- 6 - Platform Automation
- 7 - System Optimization
- 8 - Dashboards and Reports
- 9 - Email Security