Virtual Workshop

Automating threat hunting and response

Investigation and threat hunting virtual hands-on workshop

Experience Cortex® XSOAR Threat Intel Management

Our two-hour workshop will help you sharpen your threat hunting and incident response skills so you can better deal with the onslaught of alerts and indicators as well as speed up incident investigation and response.

What we’ll cover

Get full control of threat data

Threat intel teams don’t lack intel, but rather the ability to act promptly on it. This workshop will show you how to bridge the gap between intel and action with automation.

Unlock the power of threat intelligence

Cortex XSOAR automatically maps and enriches incidents with external threat data to identify threats relevant to your environment.

Surface relevant threats

Actionable threat intelligence that’s always up to date surfaces connections between threat actors and attack techniques previously unknown in your environment.

Operationalize threat intelligence

Cortex XSOAR closes the loop between threat intelligence generation and response automation. It contextualizes threat data at scale so that it can be applied operationally in the right way.


Agenda

Introduction and meet your moderators

5 minutes

Quick welcome and introduction

Presentation set up

45 minutes

  • What is threat hunting
  • Cortex XSOAR overview

Self-guided lab work

120-180 minutes

  • Instructions to download lab guide
  • Instructions to log in and access Cortex XSOAR
  • Guided steps for:
    • Investigation Activities using data from Network and Endpoint, with multiple types of alerts
    • Multiple Threat Hunting Activities

Closing and Q&A

5-10 minutes

  • Questions and discussion of possible next steps
  • Survey to gather feedback

Ideal for
  • Security analysts of all experience levels
  • Security operations/SOC staff
  • Incident responders
  • Threat hunters
Prerequisites
  • Laptop
  • Latest version of Google Chrome