Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 19)
FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications
See all Unit 42 Threat Research
Back

Palo Alto Networks

(EDU-262) Cortex XDR:
Investigation and Response

Designed to help students use Cortex XDR management console to investigate attacks, understand the concepts of causality, analyze alerts, and use advanced response actions

Platform:
Security Operations
Duration:
2 Days
Format:
Instructor-led training
Register for course Access digital learning Download datasheet

Successful completion of this instructor- led course with hands- on lab activities should enable participants to:

  • Investigate and manage incidents
  • Describe the Cortex XDR causality and analytics concepts
  • Analyze alerts using the Causality and Timeline Views
  • Work with Cortex XDR Pro actions such as remote script execution
  • Create and manage on-demand and scheduled search queries in the Query Center
  • Create and manage the Cortex XDR rules BIOC and IOC
  • Working with Cortex XDR assets and inventories
  • Write XQL queries to search datasets and visualize the result sets
  • Work with Cortex XDR's external-data collection

Cybersecurity Analysts and Engineers, Security Operations Specialists

Participants must have taken the course EDU-260 (Cortex XDR: Prevention and Deployment).

Related Certifications: PCDRA, Security Operations Generalist

Palo Alto Networks Training Credits allow you a single point of purchase for training for use throughout the year. Training credits are redeemable by all employees within an organization for any Palo Alto Networks open enrollment, private on-site, or online course offered by our Authorized Training Partners (ATPs).

Continue your learning journey

Access digital learning View certification portfolio

Get the latest news, invites to events, and threat alerts