XSIAM is the industry's most comprehensive security incident and asset management platform, offering extensive coverage for securing and managing infrastructure, workloads, and applications across multiple environments.
Throughout this course, you will explore the key features of Cortex XSIAM.
This course is designed to enable you to:
– Deploy, configure, and install XDR agents and configure Agent Groups and profiles
– Investigate incidents, examine assets and artifacts, and understand the causality chain
– Create correlation rules, use XQL to query logs, and analyze incidents using available tools and resources
COURSE OBJECTIVE:
• The course is designed to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and Security Engineering roles, to use XSIAM.
• The course reviews XSIAM intricacies, from fundamental components to advanced strategies and automation techniques, including skills needed to navigate incident handling, optimize log sources, and orchestrate cybersecurity excellence.
TARGET AUDIENCE:
SOC/CERT/CSIRT/XSIAM engineers and managers, MSSPs and service delivery partners/system integrators, internal and external professional-services consultants and sales engineers, incident responders and threat hunters.
COURSE PREREQUISITES:
• Participants must be familiar with enterprise product deployment, networking, and security concepts.
COURSE CONTENT:
1 – Introduction to Cortex XSIAM
2 – Elements of Security Operations
3 – Maturity Model
4 – Agent Deployment and Configuration
5 – Data Source Ingestion
6 – Visibility
7 – Data Model
8 – Analytics
9 – Alerting and Detecting
10 – Attack Surface Management
11 – Automation
12 – Incident Handling / SOC
FOLLOW ON COURSES:
Not available. Please contact.