Palo Alto Networks Security Operations Fundamentals

Overview

In this Security Operations Fundamentals course you will gain an understanding of Security Pperations (SecOps) and the role it plays in protecting our digital way of life, for businesses and customers. You will focus on continuous improvement processes to collect high-fidelity intelligence, contextual data, and automated prevention workflows that quickly identify and respond to fast-evolving threats. The course also demonstrates how to leverage automation to reduce strain on analysts and execute the Security Operation Center’s (SOC) mission to identify, investigate, and mitigate threats.

Syllabus

Module 1: Course Information

This course provides the student with an understanding of Security operations (SecOps) and the role it plays in protecting our digital way of life, for businesses and customers. Students will learn continuous improvement processes to collect high-fidelity intelligence, contextual data, and automated prevention workflows that quickly identify and respond to fast-evolving threats. Students will also learn how to leverage artificial intelligence driven automation used to facilitate the Security Operation Center’s (SOC) mission to identify, investigate and mitigate threats. Students will discover enterprise SOC tools and AI-driven SecOps platform technologies including: * Security Information and Event Management (SIEM) * Security Orchestration, Automation, and Response (SOAR) * Cortex Extended Detection and Response (XDR)

Module 2: SecOps Overview

In this module students are exposed to the core elements and practices performed in a Security Operations Center. The module emphasizes that effective SOC administration focuses endpoint and security detection and response into six pillars: Processes, Affiliates, People, Business, Visibility, Technology. DevOps and DevSecOps processes are analyzed with the goal of employing a 'shift left' development approach which promotes security as a shared responsibility amongst all parties who work towards the goal of Continuous Integration and Continuous Delivery (CI/CD) in the software development and deployment lifecycle. Students are also introduced to AI-enabled technologies that can automate SecOps threat detection and response.

Module 3: Security Operations Center Elements and Processes

In this module students continue to explore core SOC elements and practices with an emphasis on the SOC Business pillar operations and activities.

Module 4: SOC Infrastructure and Automation

In this module students analyze SOC infrastructure and discover ways to improve SOC operations using Security Orchestration, Automation, and Response (SOAR) technologies.

Module 5: SOC Advanced Endpoint Protection

This module analyzes endpoint detection and response technologies and focuses on enterprise solutions such as Cortex XDR.

Module 6: SOC Threat Prevention and Intelligence

In this module students concentrate on threat intelligence core practices including collection, aggregation, sharing, analysis and organized response.