Your Cart Is Empty
Home > Technical Courses > Palo Alto > Cortex XDR: Investigation and Response
This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of caus
This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution.Multiple modules focus on how to leverage the collected data. You will create simple search queries in one module and XDR rules in another. The course demonstrate how to use specialized investigation views to visualize artifact-related data, such as IP and Hash Views. Additionally, it provides an introduction to XDR Query Language (XQL). The course concludes with Cortex XDR external-data-collection capabilities, including the use of Cortex XDR API to receive external alerts.
Category
ID
Duration
Level
Price
Palo Alto
13874
2 Day(s)
Intermediate
$1,895.00
Objectives
• Investigate and manage incidents• Describe the Cortex XDR causality and analytics concepts• Analyze alerts using the Causality and Timeline Views• Work with Cortex XDR Pro actions such as remote script execution• Create and manage on-demand and scheduled search queries in the Query Center• Create and manage the Cortex XDR rules BIOC and IOC• Working with Cortex XDR assets and inventories• Write XQL queries to search datasets and visualize the result sets• Work with Cortex XDR’s external-data collection
1 - Cortex XDR Incidents2 - Causality and Analytics Concepts3 - Causality Analysis of Alerts4 - Advanced Response Actions5 - Building Search Queries
6 - Building XDR Rules7 - Cortex XDR Assets8 - Introduction to XQL9 - External Data Collection
Questions?
This course is part of the following Certifications: Palo Alto Networks Certified Detection and Remediation Analyst Palo Alto Networks XDR Engineer
Participants must have completed the Cortex XDR: Prevention and Deployment (EDU-260) course.
Cortex XDR: Investigation and Response
Class Schedule
Live Online
Course Overview
Training Delivery Methods
With Productivity Point, you will have a spectrum of delivery methods to choose from... when where and how you like it. Whether it's in a classroom or online, we have a delivery option to meets your needs.
Classroom Live
Classroom Virtual
Private Group
On Demand
Classroom Live Training
Get in-person, hands-on instruction with live lab exercises taught by subject matter experts who deliver authorized and industry-leading content.
With classrooms in almost every major U.S. city, Productivity Point has something for users of every level, so you can earn the most popular industry certifications. You get hands-on learning experience with live lab exercises taught by experienced instructors. We proudly advocate our learning services to be hosted by the best-qualified trainers in terms of technical knowledge and teaching skills.
Classroom Virtual Training
Prefer to have a dedicated classroom for your virtual experience? Attend live, hands- on training via remote instructor from one of Productivity Point’s multiple locations.
Enjoy a focused and professional training environment, including all technical equipment provided along with administrative and technical support at your fingertips. With over 150 locations to choose from, review our course catalog or contact your personal Productivity Point Account Manager to see if the course you have in mind is delivered at one of our dedicated virtual classrooms in your area.
Live Online Training
Blend the best from traditional face-to-face instructor-led training with the latest in conferencing technology.
Private Group Training
Your private group classroom experience will not only take place in the location of your choice (including any of our training centers), but you will enjoy the following amenities:
On-Demand Learning
On-Demand is an IT training solution designed around your schedule, budget, and learning needs. Combining high-quality video, reading, and knowledge checks in a self-paced format, On-Demand helps you build skills as your schedule allows—all at once or five minutes at a time.
With On-Demand, you learn at your own pace and in the convenience of your own space.
With Learn at your own pace…
Productivity Point Learning Solutions evolved out of a desire to increase our outreach both nationally and internationally.
Productivity Point Headquarters 1580 Sawgrass Corporate Parkway Suite 205 Sunrise, Florida 33323 United States
Contact T 1-844-238-8607 P 1-954-425-6141 F 1-954-928-9057 E info@productivitypointls.com