(EDU-262) Cortex XDR: Investigation and Response

Course Duration

2 Days

Target Audience

Cybersecurity analysts and engineers, and security operations specialists

Prerequisites

Participants must have taken the course EDU-260 (Cortex XDR: Prevention and Deployment).

Course Outline

Course Overview

This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution.

Key Learning Objectives

Successful completion of this instructor-led course with hands-on lab activities should enable participants to:

  • Investigate and manage incidents
  • Describe the Cortex XDR causality and analytics concepts
  • Analyze alerts using the Causality and Timeline Views
  • Work with Cortex XDR Pro actions such as remote script execution
  • Create and manage on-demand and scheduled search queries in the Query Center
  • Create and manage Cortex XDR BIOC and IOC rules
  • Work with Cortex XDR assets and inventories
  • Write XQL queries to search datasets and visualize the result sets
  • Work with Cortex XDR’s external-data collection

Course Modules

  1. Cortex XDR Incidents
  2. Causality and Analytics Concepts
  3. Causality Analysis of Alerts
  4. Advanced Response Actions
  5. Building Search Queries
  6. Building XDR Rules
  7. Cortex XDR Assets
  8. Introduction to XQL
  9. External Data Collection

Certification

The Cortex XDR: Investigation and Response (EDU-262) course is not linked to any Palo Alto Networks certification.

Why train with us?

We at Red Education believe that education is more than memorising facts and regurgitating information. It’s about providing quality, affordable learning accessible to everyone and changing skills and behaviours. A global cybersecurity training organisation, our passion is empowering students through learning, and after teaching over 85,000 students, we believe we are pretty good at it! We employ an outstanding team of local instructors fluent in the languages our students use to deliver a premium training outcome. Red Education’s duty of care is to fill the skills gap void with highly trained staff tasked to protect their organisations from cybercriminal activity that can disrupt business continuity and the broader economy and state infrastructure.

After completing the course, don’t forget to download your new digital badge to LinkedIn to promote your achievement to the industry and alert your peers to celebrate your new skills. Now that you know all about the benefits of (EDU-262) Cortex XDR: Investigation and Response, it’s time to sign up for the course! Basic knowledge is not sufficient in this day and age. Enrol now, and you’ll be able to take advantage of all the great benefits this course offers.

What Our Students Say

Learning Today, Leading Tomorrow

JOB SEEKER

Want to start out in the lucrative IT sector, armed with skills in a specific technology?

STUDENT

Entering the workforce and want to improve job prospects?

EMPLOYEE

Looking for your next promotion or need some additional certification skills?

ENTERPRISE

Do you have an immediate need to upskill your IT Team, but no training budget?

Hottest Cybersecurity Jobs Of 2022

Palo Alto Networks Certified Network Security Engineer

Average Salaries in 2022: $91,000 * USD

A Palo Alto Certified Network Security Engineer (PCNSE) is a professional tasked with maintaining and installing an organization’s network security. The engineer delivers support, assessment, and research into the processes and issues of the deployed Palo Alto Networks equipment. The engineer will assume responsibility as the expert on Palo Alto Networks products, such as firewall, IPS/IDS, and VPN, among others.

Payscale (as of September 2022)

Cybersecurity Engineer

Average Salaries in 2022: $109,749 * USD

Cybersecurity Engineers, sometimes called Information Security Engineers, identify threats and vulnerabilities in systems and software, then apply their skills to developing and implementing high-tech solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime.

ZipRecruiter (as of April 2022)

Security Analyst

Average Salaries in 2022: $83,549 * USD

Security Analysts are ultimately responsible for ensuring that the company’s digital assets are protected from unauthorized access. This includes securing both online and on-premise infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur.

ZipRecruiter (as of April 2022)

Penetration Tester

Average Salaries in 2022: $105,984 * USD

Penetration Testers help organizations identify and resolve security vulnerabilities affecting their digital assets and computer networks.

ZipRecruiter (as of April 2022)

Security Consultant

Average Salaries in 2022: $87,922 * USD

A Security Consultant works as an advisor and supervisor for all security measures necessary to effectively protect a company or client’s assets. Security Consultants use their knowledge and expertise to assess possible security threats and breaches in order to prevent them and create contingency protocols and plans for when violations occur.

ZipRecruiter (as of April 2022)

Student Testimonials

“A great option that offers flexibility to your customers – the process was super simple to step through”

Luke Snell

Principal Networks

“Great course. Lots of information I can use for my job.”

R Griffin

Network Engineer

STUDY NOW PAY LATER | FLEXIBLE PAYMENT OPTIONS

How does it work?

Affirm

Get up to $17,500 USD to choose weekly, fortnightly, or monthly repayments over a repayment term of up to 24 months, with no deposit!

Student Eligibility:

  • 18 years or older.
  • American Citizen and American Resident.
  • Have a mobile phone and email address.
  • Be employed and able to service the payment plan.

More details and FAQs about Learn Now, Pay Later here.

To have your course tuition covered by Affirm, please contact us.

Atome

Get up to $3,000 SGD on a 12-month interest-free loan with Atome. Atome is a reusable account that lets you study now and pay later.

Student Eligibility:

  • 18 years or older.
  • Singapore Citizen and Singapore Resident.
  • Hold NRIC/FIN.
  • Have a mobile phone and email address.
  • Be employed and able to service the payment plan.

Shop online and in-store up to your account limit, then set flexible repayments to suit your lifestyle. There’s no deposit and every purchase comes with its own interest-free period. More details and FAQ about Atome here.

To have your course tuition covered by Atome, please contact us.

Zip Money

Get up to $8,000 AUD on a 12-month interest-free loan with Zip Money.

Student Eligibility:

  • 18 years or older.
  • Australian Citizen, New Zealand Citizen, or Permanent Resident.
  • Have a mobile phone and email address.
  • Be employed and able to service the payment plan.

Zip Money is a reusable account that lets you study now and pay later. Shop online and in-store up to your account limit, then set flexible repayments to suit your lifestyle. There’s no deposit and every purchase comes with its own interest-free period. More details and FAQ about Zip Money here. To have your course tuition covered by Zip Money, please contact us.
