EDU - 260 Cortex XDR 2: Prevention, Analysis, and Response
Course Overview
Objectives
Successful completion of this instructor-led course with hands-on lab activities
should enhance the student’s understanding of how to activate a Cortex XDR
instance; create agent installation packages to install the Cortex XDR agents; create
security policies and profiles to protect endpoints against multi-stage, fileless attacks
built using malware and exploits; respond to attacks using response actions;
understand behavioral threat analysis, log stitching, agent-provided enhanced
endpoint data, and causality analysis; investigate and triage attacks using the
incident management page of Cortex XDR and analyze alerts using the Causality and
Timeline analysis views; use the API to insert alerts; create BIOC rules; and search a lead
in raw data sets in Cortex Data Lake using Cortex XDR Query Builder.