The Palo Alto Networks Cortex XSOAR: Engineering Security Automation Solutions course is a four-day instructor-led training with a blend of lectures and hands-on labs. This training will enable students to use Cortex XSOAR to: • Conduct incident investigation and response activities on a phishing campaign • Create custom dashboards and generate reports • Install multiple engines and configure a load balancing group • Use built-in and external integrations to ingest incidents and automate security processes • Plan and implement an automation use case by building playbooks and automation scripts

Successful completion of this four-day, instructor-led course should enable students to integrate their existing security tools with Cortex XSOAR to streamline security processes, accelerate security outcomes, and automate manual security-oriented tasks.

• SOC / SIEM / Automation Engineers • MSSPs and Service Delivery Partners working with XSOAR

Participants should have a basic understanding of: • Networking concepts, such as identifying private IPs and domains • Cybersecurity concepts, such as Indicators of Compromise • Navigating Windows and Linux environments using the GUI and CLI

Course Modules 0 - Course Introduction 1 - XSOAR Overview 2 - Incident Management 3 - Threat Intelligence 4 - Analyst Investigations 5 - Dashboards, Reports, and Timers 6 - Integrations and Content Management 7 - Architecture 8 - Use Case Planning and Implementation 9 - Playbook Development 10 - Automation Scripts Scope Ÿ Duration: 4 days Ÿ Format: Lecture and hands-on labs Ÿ Platform support: Cortex XSOAR