Improve your experience. We are very sorry but this website does not support Internet Explorer. We recommend using a different browser that is supported such as Google Chrome or Mozilla Firefox.
EDU-262 for Cortex XDR, Cortex XDR: Investigation and Response (14 Training Credits)
The first part of this instructor-led training enables you to investigate attacks from Cortex XDR management console pages, including the Incidents page and specialized artifact analysis views such as the IP View. In the first part, you will also learn how to run remote Python scripts on your endpoints.
The second part of the training enables you to work with Cortex XDR data processing capabilities to protect your environment against advanced threats such as fileless attacks. For example, in this part you will analyze alerts in the Causality View. Also, you will learn about Cortex XDR data collection capabilities, including Cortex XDR API for ingesting external alerts, and leverage the data to investigate threats. The training ends up with introductory modules to XDR Query Language XQL and two Pro features based-on Cortex XDR XQL engine.
Successful completion of this instructor-led course with hands-on lab activities should enable the students to:
The technical curriculum developed and authorized by Palo Alto Networks and delivered by Palo Alto Networks Authorized Training Partners helps provide the knowledge and expertise that prepare you to protect our digital way of life. Our trusted certifications validate your knowledge of the Palo Alto Networks product portfolio and your ability to help prevent successful cyberattacks and safely enable applications.
Participants must have taken the course EDU-260 (Cortex XDR: Prevention and Deployment).
Cybersecurity analysts and engineers, and security operations specialists