new.nexushuman.com
Phone Email
Home / Courses / Palo Alto Networks: Cortex XDR 3.2: Investigation and Response(EDU-262)

Palo Alto Networks: Cortex XDR 3.2: Investigation and Response(EDU-262)

This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the...

  • 4.6 out of 5 rating
  • Last updated : 21/01/2026
  • English

Available as Instructor Led Training, Live Online & In Person at your Offices or Ours.

Palo Alto Networks: Cortex XDR 3.2: Investigation and Response(EDU-262)
Enquire Now Download Download Overview

Duration:

16.00 hours

13.0 CPD hours

Overview:

This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution. Multiple modules focus on how to leverage the collected data. You will create simple search queries in one module and XDR rules in another. The course demonstrate how to use specialized investigation views to visualize artifact-related data, such as IP and Hash Views. Additionally, it provides an introduction to XDR Query Language (XQL). The course concludes with Cortex XDR external-data collection capabilities, including the use of Cortex XDR API to receive external alerts.This class is powered by Cloud Harmonics.

Description:

This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution.
Multiple modules focus on how to leverage the collected data. You will create simple search queries in one module and XDR rules in another. The course demonstrate how to use specialized investigation views to visualize artifact-related data, such as IP and Hash Views. Additionally, it provides an introduction to XDR Query Language (XQL). The course concludes with Cortex XDR external-data collection capabilities, including the use of Cortex XDR API to receive external alerts.
This class is powered by Cloud Harmonics.
DURATION 16.00 Hours

No upcoming local classes scheduled.

bg

Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable.

To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.