Course Summary

This training is designed to enable a SOC, CERT, CSIRT, or SOAR engineer to start working with Cortex XSOAR integrations, playbooks, incident-page layouts, and other system features to facilitate resource orchestration, process automation, case management, and analyst workflow.

The third module of the course demonstrates a complete playbook-development process for automating a typical analyst workflow to address phishing incidents. This end-to-end view of the development process provides a framework for more focused discussions of individual topics that are covered in subsequent modules.

You will gain skills like:

• Understanding the fundamentals of security orchestration, automation, and response (SOAR) using Cortex XSOAR.
• Designing and implementing automated workflows and playbooks to streamline incident response and security operations.
• Integrating security tools, APIs, and data sources into Cortex XSOAR to enhance automation capabilities.
• Utilizing Cortex XSOAR to orchestrate responses to security incidents, including alert handling and case management.
• Configuring and customizing Cortex XSOAR to meet specific organizational security requirements and use cases.

Module 1: Core Functionality and Feature Sets

Module 2: Enabling and Configuring Integrations

Module 3: Playbook Development

Module 4: Classification and Mapping

Module 5: Layout Builder

Module 6: Solution Architecture

Module 7: Docker

Module 8: Automation Development and Debugging

Module 9: The Marketplace and Content Management

Module 10: Indicators and Threat Intelligence Management

Module 11: Jobs and Job Scheduling

Module 12: Users and Role-Based Access Controls (RBAC)

Module 13: Integration Development

There are no prerequisites to this course.

Upon successful completion of the course, delegates will receive a certificate of completion, acknowledging their proficiency in the subject matter.

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.

Questions About This Course?