Cortex XSOAR: Engineering Security Automation Solutions is an advanced course for security engineers who build and maintain automation workflows on Palo Alto Networks’ Cortex XSOAR platform. Students learn advanced playbook development using Python-based automation, custom integration development, REST API integrations, and the engineering practices required to build reliable, production-grade security automation at scale.
What You Will Learn
- Design and build complex XSOAR playbooks with advanced branching, loops, and error handling
- Develop custom XSOAR integrations using the Python integration development framework
- Use the XSOAR REST API to interact with external systems and automate case management
- Implement automated enrichment, containment, and remediation workflows for common threat scenarios
- Apply engineering best practices including testing, version control, and deployment pipelines for XSOAR content
Who Should Attend
Security automation engineers, senior SOC engineers, and developers responsible for building and maintaining XSOAR playbooks and integrations.
Prerequisites
Experience with Cortex XSOAR and Python scripting. Familiarity with REST APIs and basic security operations concepts.
