Palo Alto Networks XSIAM Analyst

• A basic understanding of cybersecurity concepts, SOC operations, and threat detection workflows.

• Familiarity with log analysis, incident handling, or security monitoring tools.

• Knowledge of networking fundamentals such as IP addressing, TCP/IP, and routing.

• Prior experience with SIEM or SOAR platforms is helpful but not mandatory.

Candidates can  achieve the certification by passing the following exam(s).

• Palo Alto Networks Certified XSIAM Analyst (PAV-XSIAMA)

The certification exam fee is not included in the course fee.

• Proficiency in using Cortex XSIAM for incident investigation and analysis

• Skills to manage and respond to alerts, vulnerabilities, and security events

• Ability to conduct threat hunting and log analysis with XQL

• Knowledge of automation workflows and SOC operations optimisation

• Experience in building dashboards, reports, and compliance monitoring

• Practical skills for supporting real-world Security Operations Center (SOC) environments

• SOC Analysts advancing to AI-driven security operations 

• Threat Hunters using XSIAM for IOC detection 

• Incident Responders automating playbooks 

• Security Engineers managing XSIAM platforms 

1. Introduction to Cortex XSIAM

• Overview of Cortex XSIAM platform and its role in modern SOC operations

• Navigating the user interface and core features

• Understanding the XSIAM architecture and data flow

2. Alerts and Incident Management

• Investigating security alerts with automation and playbooks

• Managing and prioritising incidents

• Applying policies for effective threat response

3. Threat Hunting and Query Language (XQL)

• Introduction to XQL (XSIAM Query Language)

• Building and running queries for advanced analysis

• Proactive threat hunting using logs and telemetry

4. Vulnerability and Asset Management

• Identifying and analysing vulnerabilities across assets

• Managing endpoints, users, and cloud resources within XSIAM

• Implementing best practices for continuous monitoring

5. Automation and SOC Workflows

• Designing and executing automated response workflows

• Integrating XSIAM with third-party tools

• Streamlining SOC operations to reduce analyst workload

6. Dashboards, Reporting, and Compliance

• Building custom dashboards for SOC visibility

• Generating compliance and performance reports

• Monitoring metrics to support business and security objectives

7. Hands-on Labs and Real-World Scenarios

• Guided labs for incident response and investigation

• Practical exercises in log analysis and threat detection

• Case studies simulating real SOC challenges

• PCCET: Palo Alto Networks Certified Cybersecurity Entry‑level Technician
• PCDRA: Palo Alto Networks Certified Detection and Remediation Analyst
• PCNSA: Palo Alto Networks Certified Network Security Administrator
• PCCSE: Prisma Certified Cloud Security Engineer
• PCNSE: Palo Alto Networks Certified Network Security Engineer
• PCSAE: Palo Alto Networks Certified Security Automation Engineer