Cortex XSOAR
-
Cortex XSOAR 8: What’s New
This course introduces Cortex XSOAR 8 and its features, including the new user interface (UI) which has a unified look and feel to the other Cortex solutions. One of the most significant improvements is a revamped architecture that utilizes cloud featu...
-
Introduction to Cortex XSOAR
This training introduces the basic concepts and the key features of Cortex XSOAR.
-
Cortex XSOAR 6.9: What's New
This course describes some of the new features in Cortex XSOAR 6.9, including the Deployment Wizard, content removal on a session timeout, SAML 2.0 Additional Fields, and playbook zoom level persistence.
-
Cortex XSOAR 6.2: What's New
This course describes the new features and enhancements that Cortex XSOAR 6.2 introduces within the following areas: threat intel management, playbook debugging, widgets, dashboards, reports, Marketplace, case management, and platform enhancements.
Cortex XSOAR Analyst Training
-
Cortex XSOAR: Analyst - Global Concepts
This course describes how you can use Cortex XSOAR to formalize incident analysis with integrations, automate investigative workflows with scripts, collaborate with team members using the War Room, manage threat intelligence with playbooks and testing ...
-
Cortex XSOAR: Analyst - Incident Investigation
This course describes the incident-investigation process. It discusses the typical steps analysts take to investigate incidents and how to perform them in Cortex XSOAR.
-
Cortex XSOAR: Analyst - Incident Management
This course describes the management of incidents and it discusses how you can filter the display of incidents based on specified attributes. It also describes information-display options and available actions.
-
Cortex XSOAR: Analyst - Analysis and Collaboration
The War Room is a collection of entries from script, commands, and playbooks. It enables you to work with other team members to collaborate on incidents. You can mark entries in the War Room as evidence to send them to the Evidence Board for further in...
-
Cortex XSOAR: Analyst - Work Plan and Playbooks
This course describes the features and functions of an incident Work Plan and how you use them to investigate an incident. It also introduces you to the playbook tasks.
-
Cortex XSOAR: Analyst - Indicators
Indicators are detected and ingested into the Cortex XSOAR system through integrations. You can take various actions to manage indicators from the Threat Intel page. This course provides an overview of indicators and how to manage them in Cortex XSOAR.
-
Cortex XSOAR: Analyst - Dashboards and Reports
You can customize existing dashboards and reports or create your own. Both dashboards and reports provide visualization through customizable widgets that can help you analyze data in different formats. This course discusses the functions and capabiliti...
Cortex XSOAR Engineer Training
-
Cortex XSOAR Engineer: Integration Concepts and Configurations
This course covers the different types of integrations and their relationship with other Cortex XSOAR components. Additionally, it provides guidance on accessing, searching, installing, configuring, and enabling both existing and new integrations withi...
-
Cortex XSOAR Engineer: Classification and Mapping
This course describes the significance of classification and mapping in the incident lifecycle and outlines the steps for creating and setting up a classifier and a mapper in an integration instance.
-
Cortex XSOAR Engineer: Incident Layout Customization
This course provides an overview of the various components of the layout builder and how to customize a layout using the layout builder.
-
Cortex XSOAR Engineer: Playbook Development
This course introduces playbook concepts, describes the playbook development process, and outlines the steps for creating playbooks.
-
Cortex XSOAR Engineer: Pre-Process Rules
This course describes Cortex XSOAR pre-process rules and their application to Cortex XSOAR incidents. This course also outlines the steps to create and manage pre-process rules.
-
Cortex XSOAR Engineer: Working with Lists
This course describes the usage of lists in Cortex XSOAR, outlines the steps to create lists, and gives an overview of commands to manage lists.
-
Cortex XSOAR Engineer: Creating and Managing Jobs
This course covers creating and managing jobs in Cortex XSOAR.
-
Cortex XSOAR Engineer: Widgets Development
This course covers widget development in Cortex XSOAR, including the steps to create widgets and the utilization of JSON files and scripts.
Cortex XSOAR IT Administrator Training
-
Cortex XSOAR Administrator: Users and Role Management
This course describes user management in the Cortex XSOAR platform as well as managing access control by defining various role-based permissions.
-
Cortex XSOAR Administrator: Docker Container Management
This course describes the use of Docker images in Cortex XSOAR and Docker container lifecycle in Cortex XSOAR. The course also describes server configuration for Docker hardening and changing Docker images for automation and integration.
-
Cortex XSOAR Administrator: File System, System Diagnostics, and Logs
This course provides an overview of the file system and primary directories in Cortex XSOAR. The course also describes monitoring system performance and accessing logs for troubleshooting.
-
Cortex XSOAR Administrator: Content Management
This course describes content packs and how you can install and contribute content packs on the Cortex XSOAR Marketplace. The course also describes how you can enable and configure a remote content repository for content management.
-
Cortex XSOAR Administrator: Backup and Restore
This course describes both automated and manual backup solutions, Live Backup configuration, and the restoration process for database management in the Cortex XSOAR environment.
-
Cortex XSOAR Administrator: Air-Gapped Deployment
This course describes air-gapped deployment, its dependencies, and the steps to take for deployment.
-
Cortex XSOAR Administrator: Overview and Solution Architecture
This course provides an overview of the various components of Cortex XSOAR and describes the solution architecture that you can use for deployment.
-
Cortex XSOAR Administrator: Deployment
This course describes the requirements, processes, and steps to deploy, install, and provision the Cortex XSOAR server in your environment.
Cortex XSOAR: Administrator Training for MSSP
Cortex XSOAR: Threat Intelligence
-
Cortex XSOAR 6.5: What’s New in Threat Intel Management
The Cortex XSOAR 6.5: What’s New in Threat Intel Management course describes the new features of Threat Intel Management in Cortex XSOAR 6.5.
-
Cortex XSOAR: Threat Intel Management Indicators
Cortex XSOAR enables you to sort through thousands of indicators daily, prioritize critical threats, and take automated steps towards proactive security. This course describes how you can query indicators and create indicator relationships in Cortex XS...
-
Cortex XSOAR: Threat Intel Management Native Threat Intelligence
The Cortex XSOAR native threat intel management capabilities provide you with the ability to manage threat intelligence across its lifecycle, including threat intel aggregation, scoring, and sharing. This course describes native threat intelligence and...
-
Cortex XSOAR: Threat Intel Management Threat Intel Feed Integration
In Cortex XSOAR you can configure threat intel feed integration, analyze indicators using playbooks, and integrate threat intel feeds into Palo Alto Networks firewalls. This course describes how you can configure threat intel feed integration and how y...
Recorded Webinars
-
Use Case Definition in Cortex XSOAR
This webinar describes the use case definition template in Cortex XSOAR. The webinar also describes integrations, automations, and how to create playbooks in Cortex XSOAR.
-
Getting Started with Cortex XSOAR Part 1
The webinar describes Cortex XSOAR terminologies, the basic dataflow, investigating a phishing incident, running a command from the War Room, building a basic playbook, investigating an incident with an out-of-the-box playbook, and designing a use case.
-
Getting Started with Cortex XSOAR Part 2
The webinar describes how you can run commands from the War Room, how you can perform tasks such as enriching an IP address, extracting indicators from a given text, and pinging a particular domain.
