(EDU-270) Cortex^® XSIAM for Security Operations and Automation

Objectives

The course is designed to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and Security Engineering roles, to achieve mastery in XSIAM.

The course reviews XSIAM's intricacies, from its fundamental components to advanced strategies and automation techniques, including skills needed to navigate incident handling, optimize log sources, and orchestrate cybersecurity excellence.

Target Audience

SOC/CERT/CSIRT/XSIAM engineers, MSSPs and service delivery partners/system integrators, professional-services consultants and sales engineers, internal and external, SOC manager, IR, and hunt team members.

Prerequisites

Participants must be familiar with enterprise product deployment, networking, and security concepts.

Palo Alto Networks Education

The technical curriculum developed by Palo Alto Networks and delivered by Palo Alto Networks Authorized Training Partners helps provide the knowledge and expertise you need to protect our digital way of life. Our trusted certifications validate your knowledge of the Palo Alto Networks product portfolio and your ability to help prevent successful cyberattacks and safely enable applications.

Authorized Courseware

Each attendee will receive a student guide and lab exercise guide in the form of a secure PDF. Students will access these materials by creating an account with a third party platform, Kortext, hosted by our fulfilment supplier.

Course Modules

1. Introduction to Cortex XSIAM
2. Elements of Security Operations
3. Maturity Model
4. Agent Deployment and Configuration
5. Data Source Ingestion
6. Visibility
7. Data Model
8. Analytics
9. Alerting and Detecting
10. Attack Surface Management
11. Automation
12. Incident Handling /SOC