A comprehensive course designed to equip SOC analysts with the skills to effectively use XSOAR for incident response, automation, and threat management.
Introduction to Security Orchestration and Automation (SOAR)
Unit 1: Understanding SOAR Fundamentals
Unit 2: Exploring the SOAR Landscape
Understanding XSOAR: Core Concepts and Architecture
Unit 1: XSOAR Architecture and Terminology
Unit 2: Integrations, Layouts, War Rooms, Roles
Navigating the XSOAR User Interface (UI)
Unit 1: Exploring the XSOAR Interface
Unit 2: Customization and Search
Incident Management: From Alert to Resolution
Unit 1: Incident Lifecycle and Ingestion
Unit 2: Prioritization and Documentation
Working with Indicators: Threat Intelligence in XSOAR
Unit 1: Understanding and Ingesting Indicators
Unit 2: Using Indicators for Threat Detection
Introduction to Playbooks: Automating Incident Response
Unit 1: Understanding Playbooks
Unit 2: Exploring the Playbook Editor
Creating Your First Playbook: A Step-by-Step Guide
Unit 1: Building Blocks of a Playbook
Unit 2: Adding Logic and Testing
Playbook Tasks: Automating Security Actions
Unit 1: Mastering Core Playbook Tasks
Unit 2: Advanced Task Configuration
Integrations: Connecting XSOAR to Your Security Ecosystem
Unit 1: Understanding XSOAR Integrations
Unit 2: Configuring and Managing Integrations
Configuring Integrations: SIEM, EDR, and Threat Intelligence
Unit 1: SIEM and EDR Integrations
Unit 2: Threat Intel Integrations
Advanced Playbook Techniques: Sub-Playbooks and Loops
Unit 1: Mastering Sub-Playbooks and Loops
Unit 2: Advanced Looping and Optimization
Working with War Rooms: Collaboration and Investigation
Unit 1: Understanding and Using War Rooms
Unit 2: Collaboration and Documentation
Reporting and Dashboards: Measuring SOC Performance
Unit 1: Creating and Customizing Reports
Unit 2: Creating and Customizing Dashboards
Customizing Incident Layouts: Tailoring the Incident View
Unit 1: Layout Basics and Custom Fields
Unit 2: Conditional Formatting and Advanced Techniques
XSOAR Marketplace: Leveraging Community Content
Unit 1: Exploring and Utilizing the XSOAR Marketplace
Unit 2: Evaluating and Contributing to the Marketplace
User Management and Permissions: Securing Your XSOAR Environment
Unit 1: User Account Management in XSOAR
Unit 2: Roles, Permissions, and Security
Troubleshooting XSOAR: Common Issues and Solutions
Unit 1: Diagnosing and Resolving Common XSOAR Issues
Unit 2: Maintenance, Updates, and Community Resources
Best Practices for XSOAR Implementation and Usage
Unit 1: Strategic Implementation and Standardization
Unit 2: Documentation, Review, and Updates
Advanced Threat Hunting with XSOAR
Unit 1: Proactive Threat Hunting with XSOAR
Unit 2: Automating Threat Hunting
XSOAR API: Extending Functionality and Integration