Our Day 2 (see PDF agenda here) morning and afternoon workshops promise to deliver a live, interactive experience that will get you up-to-speed on the latest Cortex products and ways to transform your SOC. Space is limited for these valuable sessions and advance sign up is required.
If you signed up for the Get UPSET with Cortex XDR Workshop, we recommend you complete pre-work, sent on or after April 5. Pre-work includes orienting yourself with the product GUI, product workflows, and exercises to get acquainted with the products.
If you’ve missed the deadline to sign up for Symphony workshops, we do offer other Hands on Workshops globally (outside of Symphony). If you are interested in signing up for one in the near future - See upcoming dates/times available:
In this workshop, we’ll give you a real-world security breach scenario, and you’ll have to uncover the adversary's tracks as well as determine their mission objective. We’ll also discuss the entire attack lifecycle and the recommended remediation steps for each phase of an investigation.
Then, the “training wheels” come off and it is you against the adversary. Can you uncover all the relevant artifacts, give your CISO the correct guidance to remediate the security breach, and take the measures necessary to prevent it from happening again?
UPSET is an investigative approach and framework that helps your organization answer the five most important questions you need to ask to assess potential security threats and conduct security investigations. These are:
U = Users Compromised
P = Persistence Mechanism Used
S = Systems Impacted
E = Endgame (Mission Objective)
T = Tactics, Techniques and Procedures (TTPs)
In this lab, you’ll learn how to aggregate, tune and act on threat intelligence data while experiencing the journey of an indicator of compromise using the Cortex XSOAR threat intelligence management module. You’ll find out how to take complete control of your threat intel feed data to help you make smarter incident response decisions. You’ll also see how you can use playbook-driven automation to close the loop between threat intelligence and response actions.
All participants will receive a Cortex XSOAR workshop instance with Feodo Tracker IP blocklist feed pre-configured. Attendees will use Cortex XSOAR's out of the box threat intel management playbooks to automate ingestion and enrichment of indicators and share the processed indicators to be added to Palo Alto Networks firewall blocklist.
This event qualifies for CPE credits.
You are guaranteed to exit each session with actionable data, tips, tricks and ideas to solve your organization's toughest security challenges and better protect your organization. Your hands-on experience will help expedite your organization’s adoption and use of valuable new security technologies and approaches.
We’re excited to announce that Palo Alto Networks will be partnering with (ISC)² to provide Cortex Symphony participants the chance to earn Continuing Professional Education (CPE) credits.
If you’re a current (ISC)² member looking to gain CPE credits for participating at Cortex Symphony 2021, please complete and submit this form.