Cortex XDR – Essentials

Tuesday, 5th of July 2022 08:00 AM

Security teams can’t detect and stop active attacks quickly. Even though they’ve deployed countless security tools, they lack the enterprise-wide visibility and deep analytics needed to find threats. These siloed tools generate endless alerts and force analysts to pivot from console to console to verify threats, resulting in missed attacks and incomplete investigations. Faced with a shortage of cybersecurity professionals, teams must simplify operations.

Cortex XDR™ defines the new category for extended detection and response that integrates endpoint, network, and cloud data to stop sophisticated attacks. As the market’s first and leading XDR category product, Cortex XDR unifies prevention, detection, investigation, and response in one platform for unrivaled security and operational efficiency.

XDR stitches together data from the endpoint, network, and cloud in a robust data lake. Applying advanced machine learning and analytics, it identifies threats and benign events with superior accuracy and gives analysts contextualized information, simplifying and accelerating investigations.

Course Overview and Objectives

This course is intended to provide an understanding of Palo Alto Networks Cortex XDR.

During this course, students will be able to:
Understand the difference between traditional anti-virus and Advanced Endpoint Protection solutions
Explore the difference between machine learning prevention and traditional signature-based detection
Explore the unique features of Cortex XDR
Total endpoint control through a policy-based cloud architecture
Unified Incident Response capabilities and built-in workflow
Incorporate your existing Palo Alto Networks deployment
Leverage Cortex Data Lake for a single point of log forwarding
Feed data from firewalls and endpoints alike for maximum security coverage

Scope and Target Audience

Scope: Essentials of Cortex XDR

Course level: Introductory
Course duration: 4 Hours
Course format: Combines lecture with instructor-led demos
Platform supported: Palo Alto Networks Cortex XDR

Target Audience:
Security engineers
Security managers
Security administrators

Prerequisites – There are no prerequisites for this class.

Agenda

This class consists of the following modules:
Emerging Challenges in Security Operations
Use Case: Endpoint Protection
Use Case: Threat Detection
Use Case: Investigation & Response
Use Case: Managed Threat Hunting
Use Case: Managed Detection & Response
Cortex XDR Demo