Cortex XDR: Investigation and Response

PAN EDU-262 Training

Contents of EDU-262 training

During this hands-on lab training you will learn to work with Palo Alto Networks’ Cortex XDR in a test environment. First you will learn how to investigate attacks from Cortex XDR management console pages and then you will learn how to work with Cortex XDR data processing capabilities to protect your environment against advanced threats.

What you will learn:

  • Investigate attacks on the incidents page, and score, assign, and close them

  • Investigate artifacts using the specialized views such as IP View and Hash View

  • Work with Cortex XDR Pro actions: the remote script execution and EDL service

  • Describe the Cortex XDR causality and analytics concepts

  • Analyze alerts using the Causality and Timeline Views

  • Create and manage on-demand and scheduled search queries in the Query Center

  • Create and manage the Cortex XDR rules BIOC and IOC

  • Work with the Cortex XDR’s external data ingestion support

  • Write XQL queries to search datasets and visualize the result sets

  • Create simple Correlation Rules and Parsing Rules using XQL

What prior knowledge is expected?

  • Participants must have taken the course EDU-260 (Cortex XDR: Prevention and Deployment).

For whom?

Cybersecurity analysts and engineers, and security operations specialists.

Why choose ON2IT?

  • We are a Palo Alto Networks Authorized Trainer Partner (ATP).
  • Our trainers are senior consultants with years of experience.
  • Our courses do not consist of dry theory, but combine theory, interaction and practice (in a lab environment).
  • You can attend our training courses at our office, virtually or on location.

Meet our trainers

Rob Maas

Rob is ON2IT Lead Architect and Technical challenger. Since 2020 Rob has also been a Certified Forrester Zero Trust Strategist.

Johan Bogema

Johan Bogema is ON2IT Product Owner Cloud Security. Johan has years of experience with Zero Trust security implementations within large-scale cloud transformations.