
Cortex XDR: Investigation and Response (EDU-262) Training

4.8


  • Category : Palo Alto

Course Price : $1695 Per Participant

Course Description

This instructor-led training shows you how to use the Incidents pages of the Cortex XDR management console to investigate attacks.

It covers causality chains, alerts versus logs, the Analytics Engine's detectors, log stitching, and the concepts of analytics and causality.

You will learn how to analyze alerts with the Causality and Timeline Views and how to use the EDL service, remote script execution, and remediation suggestions.

Several modules cover in depth how to make use of the collected data.

In one section, you'll craft standard query formats, while in another, you'll develop XDR policies.

The course shows how to use investigation views, such as the IP and Hash Views, to examine artifact information graphically. It also introduces XQL (XDR Query Language).

The last section of the course covers the Cortex XDR API for receiving external alerts and other forms of external-data collection.


What you will learn

  • Examine and handle incidents
  • Describe the causality and analytics concepts used in Cortex XDR
  • Use the Causality and Timeline Views to analyze alerts
  • Use Cortex XDR Pro features like remote script execution
  • Create and manage ad-hoc and scheduled search queries in the Query Center
  • Create and maintain Cortex XDR BIOC and IOC rules
  • Work with the resources and stockpiles of Cortex XDR
  • Create XQL queries to search datasets and view the results
  • Use the external-data collection feature of Cortex XDR

Who should attend this course?

  • Cybersecurity analysts and engineers, and security operations specialists

Schedules

  • Dec 21, 2023
  • 9:00 am - 5:00 pm EST
  • online


Course Details

  • Enrolled: 2435
  • Duration: 2 Days
