(USD) $
United States (US) dollar($)
Indian rupee($)
Euro(EUR)
Search
Close this search box.
Search
Close this search box.
Contact Us
(USD) $
United States (US) dollar($)
Indian rupee($)
Euro(EUR)

Cortex XDR: Investigation and Response (EDU-262)

Master attack investigation and response in the Cortex XDR: Investigation and Response (EDU-262) course, learning to navigate the Incidents pages of the Cortex XDR console, understand causality and analytics, and utilize advanced tools like the EDL service and remote script execution, alongside crafting XDR rules and queries with XQL.

Send Enquiry to Sales Team
Request a Quote
Cortex XDR: Investigation and Response (EDU-262)

Overview

Overview

The Cortex XDR course provides hands-on training on activating a Cortex XDR instance and creating agent-installation packages and security policies to shield endpoints from sophisticated, fileless attacks.

This course covers incident management, Cortex XDR causality and analytics, alert analysis using Causality and Timeline Views, and advanced Cortex XDR Pro actions like remote script execution. It also teaches management of search queries and Cortex XDR rules, working with assets and inventories, and utilizing XQL for data search and visualization, along with external data collection capabilities.

Prerequisites

Participants are required to have completed the EDU-260 (Cortex XDR: Prevention and Deployment) course prior to enrolling.

Scope

Level: Intermediate

Duration: 2 Days

Format: Instructor-Led Training

Supported Platforms: Cortex XDR

Target Audience

The course is ideal for Cybersecurity analysts, engineers, and security operations specialists.

Best Practices

As an Authorized Training Partner, Datacipher is celebrated for its outstanding educational programs and commitment to training excellence. Our distinction lies in the depth of expertise and passion of our trainers, who are not only seasoned professionals but also active security consultants with substantial real-world experience.

Certification

N/A

FAQs

Can the EDU-262 course be taken online?

Yes. Our online Cortex XDR: Investigation and Response (EDU-262) course is delivered by expert instructors using web conferencing, with live demos and access to personal labs.

Is in-person classroom training available?

Yes, in-person sessions are available at our facilities or as customized on-site training. Check our “Price and Dates” section or contact us for details.

Will I receive official course materials?

Participants receive course materials in both electronic and printed forms, including detailed slides and recordings. Ensure bookings are confirmed at least ten days ahead for printed materials.

Can the electronic coursebook be printed?

Yes, the electronic coursebook is printable for flexible study options.

Do participants receive a certificate of completion?

Upon completion, participants receive an official Palo Alto Networks certificate of completion.

Exam Resources

Description

Download

Blueprint

Download

Study guide

Download

Sample Questions

Download

Course Outline

Module 1: Cortex XDR Incidents
Module 2: Causality and Analytics Concepts
Module 3: Causality Analysis of Alerts
Module 4: Advanced Response Actions
Module5: Building Search Queries
Module 6: Building XDR Rules
Module 7: Investigation Views
Module 8: Introduction to XQL
Module 9: External Data Collection
  • Select Time Zone
    Americas Date and Time
    Asia Date and Time
    Europe Date and Time
    Format
    Language/Location
OR

Training Credits/Participant: 20

Talk to our sales team to use credits
Payment Methods

We accept all common payment methods in both the Euro and US Dollar as well as Palo Alto Networks training credits and vouchers for this Firewall: Troubleshooting (EDU-330) training course.

  • Training Credits and Vouchers from Palo Alto Networks – We accept both training credits and training vouchers issued by Palo Alto Networks. To sign-up for a course and pay using training credits or vouchers, please use the Register button above. You can select training credits at the end of the registration form.
  • Purchase Order “PO” – If your company wants to raise a purchase order to book a training course, please sign-up using the register button above. At the end of the form, please answer the questions “How would you like to pay for the course?” with “My company will pay for it, please send me an invoice with the payment details”. Our training team will then send you an official quote which your company can use to issue the PO. Our training team will also be able to provide any additional information that might be required by your accounts department.
  • Bank Transfer – Consigas has a bank account both in the US and in Europe. Our banks support all common bank transfer methods like IBAN/BIC, Swift, ACH or wire transfer. To sign-up for a course and pay per bank transfer, please use the Register button above.
  • Credit Card – We can accept credit card payment from all major credit card companies like Mastercard, VISA, American Express, Discover & Diners or Cartes Bancaires. You can pay per credit card either directly through the registration link above, or we can issue an invoice with a web link to pay online. All credit card transactions are secured by Stripe and Consigas is not storing any credit card details.

Status

Guaranteed to Run Training Courses
Guaranteed to Run – Consigas guarantees to run this Firewall Configuration and Management (EDU-210) class, exempt in unexpected circumstances of force majeure, like an accident or illness of the instructor, which prevents the course from being conducted.

Guaranteed on next Course Booking
Guaranteed on next Booking – Consigas guarantees to run this Firewall Configuration and Management (EDU-210) class if one more student registers for the training course.

Guaranteed on next Course Booking
Scheduled Class – Consigas has scheduled this Firewall Configuration and Management (EDU-210) training course and booked an instructor. We rarely cancel any classes because of low inscriptions and provide a “Cancel no more than Once” guarantee. This means that in the rare case that we cannot run a class because of low inscriptions, we guarantee running the next course regardless of the number of attendees.

Training Course Sold Out
Sold Out – This class is fully booked. Please contact us using this form and we will put you on the waiting list or let you know in case we schedule an additional class.

Half and Full-Day Training
We are offering training courses both in the classical full-day as well as in a half-day format. The half-day classes are specially tailored for IT professionals who cannot afford to leave the office for several days in a row. This format allows students to attend and fully focus on the course for a couple of hours and then catch up with their day-to-day job.The training content of both schedule formats is exactly the same. The only difference is that half-day classes distribute the course over a longer period of time. Consigas is running training courses in a half-day format for many years, and we have received very positive feedback from customers. Students tell us that besides being more flexible, it also enables them to learn more effectively as it gives them more time to process all information resulting in a better understanding.

Upon completing this instructor-led course with hands-on labs, participants will be proficient in managing and investigating incidents using Cortex XDR. They will gain expertise in analyzing alerts, utilizing advanced Cortex XDR Pro actions like remote script execution, and managing search queries and rules. Additionally, they will learn to handle assets, write XQL queries, and work with Cortex XDR’s external data collection capabilities.

Download Details

REQUEST CUSTOM DELIVERY

REQUEST a Quote

Become An Expert By Practice – Get Your Hands On Labs

Don’t let your tech outpace the skills of your people
Get in touch today
World-Class Training Expertise
Boasting decades of experience in delivering top-tier IT and professional development training, tailored to the latest industry trends.
Customized Learning Journeys
Offering personalized training paths to meet the specific needs of individuals and organizations.
Innovative Learning Platforms
Utilizing cutting-edge technology to provide engaging and effective online and in-person training experiences.
Global Network of Industry Experts
Our instructors are seasoned professionals with real-world experience, ensuring practical and relevant learning.
Extensive Course Catalog
Covering a wide array of topics, from cybersecurity to cloud computing, ensuring comprehensive skill development.
Flexible Training Delivery Modes
Providing various training formats, including live virtual classrooms, on-site training, and self-paced online courses.
Commitment to Excellence
Continuously updating courses to reflect the latest industry standards and best practices.
Strong Industry Partnerships
Collaborating with leading technology vendors and institutions for accredited and up-to-date course content.
Proven Training Track Record
Years of successful training delivery, reflected in high satisfaction rates and positive client testimonials.
Future-Ready Skills Development
Focused on equipping learners with skills that are crucial for the ever-evolving tech landscape.
Previous
Next

TRUSTED BY TOP COMPANIES LIKE IBM, DELOITTE, ERICSSON, AND MORE.
DISCOVER OUR CUSTOMER PORTFOLIO.

Dedicated to excellence, we cultivate strong partnerships with worldwide technology innovators.
Previous
Next

Testimonials

What Our Clients Say

Instructor is good knowledgeable in his domain, which was seen in his entire session which we went through, we have asked the query multiple time but he did not hesitate to answer as well as fruitfully answer it well.Content part was also fine.
Manish KumarNTT
The complete session was brainstorming & well planned. Learned a lot; hope to imply the wonderful training insights to working. The course was diverse yet meaningful in every aspect. Would like to enroll myself in advance training as well, if slots are available.
Jyoti KhatiAccenture
Instructor was very good, has very good knowledge in his area, he covered all the learning point and answered all the questions asked by me and team.
Mohit GuptaNTT
Thank you very much for the training sessions this week. Really informative, and please keep the good work. You’ve been one of the best trainer so far, I’m dead serious.
Selven MookenCeredian
Instructor at Dataciphers was a fantastic teacher. He covered all the topics and explained them very well. All questions I had, he had an answer for and not only a verbal answer but he showed me how to do certain things when the question required a visual answer. I highly recommend taking this class with him as the instructor. If I take a nother class with Datacipher really hoping to get him as the instructor.
Becker & PoliakoffFelipe Gonzalez
The instructor, solve the questions, and has a pretty good knowledge related this course
Fernando HenryNTT
Your training session was very informative, and I appreciate the effort you’ve put into this one week training sessions. You did a good job of explaining complex concepts in a way that was easy to understand mainly for SSL certificates. Thank you as well for keeping the lab online.
Selven MookenCeredian
Thanks a lot for such a informative sessions on Palo alto. I really appreciate your teaching approach. You taught each and every chapter in detail and solved our queries. I would love to join your class again in future.
Atharva JamkarAccenture
The course was presented in an enthusiastic way, as your sprit was always high since morning to evening day 1 to day 5. You clarified the contents from very basic to high level, which gave me better understanding of topics.Great presentation style with lots of opportunities to ask questions and talk about real life examples which all made for a really enjoyable and informative course.This has more than met my expectations. Thank you for a great course. I took lots of things that I can quickly and easily apply, as I was new to the Palo alto, but now I can perform well.
Samreen AkhtarAccenture
Instructor personally repeated multiple concepts to get the clear idea about the workflow
Shreya JattiPAN - EPT
The instructor explained all the concepts in depth. Very engage throught all 4 days of the session. He was more than happy to provide any answers to our doubts even if it is outside the course/scope of this training.
Asha ChaudharyDepartment of The Premier and Cabinet South Australia

Transform your team with award-winning IT training, delivered by top-rated trainers, both online and in-person.

Facebook-f Twitter Linkedin Youtube Instagram

Quick links

Locations

Copyright © 2022 Datacipher Education Services Pvt Ltd, All Rights Reserved.