Obiettivi del Corso
This training is designed to enable a SOC, CERT, CSIRT, or SOAR engineer to start working with Cortex XSOAR integrations, playbooks, incident-page layouts, and other system features to facilitate resource orchestration, process automation, case management, and analyst workflow.
The third module of the course demonstrates a complete playbook-development process for automating a typical analyst workflow to address phishing incidents. This end-to-end view of the development process provides a framework for more focused discussions of individual topics that are covered in subsequent modules.
Contenuti del Corso
The Cortex XSOAR 6.2: Automation and Orchestration- EDU-380 course is four days of instructor-led training that will help you:
- Configure integrations, create tasks, and develop playbooks.
- Build incident layouts that enable analysts to triage and investigate incidents efficiently.
- Identify how to categorize event information and map that information to display fields.
- Develop automations, manage content, indicator data, and artifact stores, schedule jobs, organize users and user roles, oversee case management, and foster collaboration.