Oreilly – Detection and Response with XDR: Integrated Security Solutions to Combat Emerging Threats 2024-11
Published on: 2024-12-10 17:10:15
Description
Detection and Response with XDR: Integrated Security Solutions to Combat Emerging Threats. Cyberspace is changing rapidly and new security threats emerge constantly, which makes keeping organizations secure a challenge. The traditional answer is to deploy a collection of separate security tools, but this approach often leaves gaps in overall visibility and little coordination between the tools. The Detection and Response with XDR training course offers an innovative solution to these challenges.
XDR stands for “eXtended Detection and Response.” It is an integrated security platform that collects and analyzes data from a wide range of security sources, including firewalls, intrusion detection and prevention systems (IDS/IPS), and security information and event management (SIEM) tools. By consolidating this data in a single place, XDR gives security teams a complete view of network and system activity, enabling them to detect, analyze, and remediate threats faster.
What you will learn
- Understand the benefits of XDR: how XDR reduces the time to detect and respond to threats, lowers security costs, and increases the efficiency of security teams.
- Learn how XDR works: the core components of XDR, including data collection, analysis, and event response.
- Gain practical skills for implementing XDR: how to set up XDR in your organization, configure it for your specific needs, and take advantage of its advanced capabilities.
- Develop threat response automation strategies: how to use XDR's automation capabilities to automate threat response processes and increase the speed and accuracy of response.
This course is suitable for:
- Cybersecurity professionals who want to expand their knowledge of XDR and enhance their skills to combat modern threats. To get the most out of this course, you should have a basic understanding of cybersecurity concepts, familiarity with SOC tools, and experience working in a security operations role, such as a security analyst or incident responder.
Detection and Response with XDR Course Specifications
Course topics
- Introduction
  - Detection and Response with XDR: Introduction
- Module 1: Security Operations and Tooling
  - Module Introduction
  - Lesson 1: The Modern Security Operations Center
    - Learning objectives
    - 1.1 Describe the Goals of the SOC
    - 1.2 Describe SOC Organization
    - 1.3 Describe SOC Roles and Responsibilities
    - 1.4 Describe SOC Process Flow
  - Lesson 2: Security Operations Concepts and Tooling
    - Learning objectives
    - 2.1 Describe Basics of NIST Cybersecurity Framework (CSF)
    - 2.2 Describe Major Categories of Threats
    - 2.3 Describe Major Categories of Controls
    - 2.4 Identify Some Popular Open-Source Tools and Their Functions
  - Lesson 3: Computer Security Incident Response Teams (CSIRT)
    - Learning objectives
    - 3.1 Describe the Goals of a CSIRT
    - 3.2 Appreciate the Differences Between a SOC and a CSIRT
- Module 2: Extended Detection and Response (XDR)
  - Module Introduction
  - Lesson 4: Trends and Challenges
    - Learning objectives
    - 4.1 Describe the Limitations of Existing Solutions
    - 4.2 Identify Some of the Top Roadblocks with Existing Tools
    - 4.3 Describe the Limitations with SIEMs
    - 4.4 Describe the Limitations with SOARs
  - Lesson 5: Introducing XDR
    - Learning objectives
    - 5.1 Describe the Basics of XDR
    - 5.2 Describe the Goals of XDR
    - 5.3 Describe Cisco’s Secure Approach to XDR
    - 5.4 Identify the Components of XDR
    - 5.5 Appreciate XDR’s Differences from a SIEM and SOAR
    - 5.6 Describe XDR’s Real-World Outcomes
  - Lesson 6: XDR’s Integrated Security Stack
    - Learning objectives
    - 6.1 Identify the Goals of an Integrated Security Stack
    - 6.2 Appreciate XDR’s Native and Third-Party Compatibility
    - 6.3 Describe XDR’s REST APIs
    - 6.4 Describe XDR’s Detection Analytics
    - 6.5 Describe XDR’s Remediation Capabilities
    - 6.6 Describe XDR’s Orchestration/Automation Capabilities
    - 6.7 Describe an Effective XDR Solution
- Module 3: XDR with Cisco
  - Module Introduction
  - Lesson 7: Threat Hunting
    - Learning objectives
    - 7.1 Describe the PICERL Model
    - 7.2 Describe the MITRE Framework
    - 7.3 Describe Adversary Tactics, Techniques, and Procedures (TTPs)
    - 7.4 Identify the Tools and Techniques for Threat Hunting
  - Lesson 8: Investigating an Incident
    - Learning objectives
    - 8.1 Describe an Incident in XDR
    - 8.2 Describe Incident Priority and MITRE Tactics
    - 8.3 Identify the Components of an Incident
    - 8.4 Interact with Cisco XDR’s Attack Graph
    - 8.5 Identify Correlating Data Using XDR
  - Lesson 9: Responding to an Incident
    - Learning objectives
    - 9.1 Appreciate the Value of Cisco XDR Integrations for Response
    - 9.2 Describe How XDR Can Respond to an Incident
    - 9.3 Understand Incident Response Playbooks
- Module 4: Security Automation
  - Module Introduction
  - Lesson 10: What Is Security Automation?
    - Learning objectives
    - 10.1 Describe the Advantages of Security Automation
    - 10.2 Describe the Roles of AI and Machine Learning
  - Lesson 11: How Does Automation Fit into XDR?
    - Learning objectives
    - 11.1 Understand Threat Hunting and Alert Investigation
    - 11.2 Describe Response Actions
  - Lesson 12: Cisco XDR Automation
    - Learning objectives
    - 12.1 Describe XDR Automation and Its Usage
    - 12.2 Explain Automation Components
    - 12.3 Explore the Workflow Editor
    - 12.4 Explain a Workflow Run and Troubleshooting
- Summary
  - Detection and Response with XDR: Summary
Installation Guide
After extracting, view with your favorite player.
Subtitles: English
Quality: 720p
File size: 866 MB
File(s) password: www.downloadly.ir