Security Operations, Integration, and Automation

Course ID: Cortex XSIAM
Duration: 3 Days
Private in-house training

Apart from public, instructor-led classes, we also offer private in-house training for organizations based on their needs. Call us at +852 2116 3328 or email us at [email protected] for more details.

What are the skills covered

This course is designed to enable you to:

  • Describe how endpoint agents, XDR collectors, NGFWs, and Broker VMs secure networks and devices.
  • Query and analyze logs using XQL for data ingestion and detection.
  • Configure Threat Intel Management features, automate workflows, and apply EDLs and indicator rules.

Who should attend this course

SOC/CERT/CSIRT/XSIAM engineers and managers, MSSPs and service delivery partners/system integrators, internal and external professional services consultants and sales engineers, SIEM and automation engineers.

Course Modules

Module 0: Course Overview
Module 1: Overview of Cortex XSIAM
Module 2: Software Components
Module 3: XQL
Module 4: Detection Engineering
Module 5: Integrations
Module 6: Automation
Module 7: Threat Intel Management
Module 8: Attack Surface Management
Module 9: UI Customizations

Prerequisites

Participants should have a foundational understanding of cybersecurity principles and experience with network and endpoint security fundamentals.
