
Palo Alto Networks Cortex XSIAM: Investigation and Analysis

Learn to investigate and analyze threats with Cortex XSIAM. Red Education’s course builds real-world skills in AI-driven security operations.

Course Duration

2 Days

Target Audience

SOC/CERT/CSIRT/XSIAM analysts and managers, MSSPs and service delivery partners/system integrators, internal and external professional-services consultants and sales engineers, incident responders and threat hunters.

Course Overview

Cortex XSIAM: Investigation and Analysis is a 2-day, hands-on training course designed to equip cybersecurity professionals with the knowledge and skills to effectively investigate incidents and manage security operations using Cortex XSIAM — Palo Alto Networks’ next-generation SOC platform.

Participants will learn how to query and analyze logs with XQL, leverage built-in threat intelligence tools, automate investigation workflows, and visualize security data using dashboards and reports. With a strong focus on real-world application, this course combines lectures and lab-based exercises to ensure participants gain practical expertise in incident analysis and response.

Key Learning Objectives

The course is designed to enable cybersecurity professionals, particularly those in SOC/CERT/CSIRT and Security Analyst roles, to use XSIAM. The course reviews XSIAM intricacies, from fundamental components to advanced strategies and techniques, including the skills needed to navigate incident handling and automation and to orchestrate cybersecurity excellence.

How You’ll Benefit

  • Develop proficiency in incident investigation and response using Cortex XSIAM’s full feature set.
  • Learn to write effective XQL queries to extract and analyze log data for threat detection.
  • Understand how to interpret causality chains and connect evidence for root cause analysis.
  • Explore Threat Intelligence Management and how it enhances incident detection.
  • Gain practical experience with Automation and Orchestration capabilities to streamline SOC workflows.
  • Improve organizational visibility with custom dashboards and real-time reporting tools.
  • Learn best practices for Attack Surface Management and proactive threat mitigation.
  • Strengthen your SOC/CSIRT skillset and elevate your role as a security analyst or incident responder.
  • Receive instruction from certified Palo Alto Networks instructors and train on the latest XSIAM platform.
  • Lay the groundwork to pursue Palo Alto Networks certifications and career advancement in cybersecurity.

Palo Alto Networks Training Credits:

Training credits are a convenient way to purchase instructor-led training courses. Red Education is one of the few Globally Accredited Training partners that provides training across all of Palo Alto Networks’ authorised courseware. Credits may be used for private, public, on-site or virtual instructor-led training. We can facilitate all your organisation’s training requirements through one transaction covering all parts of the world. Winner of “consecutive Training Partner of the Year Awards and Instructor of the Year Awards”, our instructors can deliver premium training in any language across any time zone. Red Education is a one-stop shop. We can facilitate all your global training requirements and are here to assist you with local advice to walk you through this process.


Prerequisites

Participants should have a foundational understanding of cybersecurity principles and experience with analyzing incidents and using security tools for investigation.