EDR + Cortex XDR + Prisma Cloud Track

Endpoint detection & cloud security in one program. Cortex XDR + XSIAM concepts plus Prisma Cloud CNAPP, for SOC and cloud security engineers.

12 Modules | 40 Hours | Live + Recorded | XDR + Prisma Aligned

Who Is This For

  • SOC analysts moving to L3 detection / IR
  • Engineers running Cortex XDR or migrating from legacy AV
  • Cloud security engineers responsible for Prisma Cloud
  • DevSecOps engineers shifting security left

Prerequisites

  • SOC fundamentals: alerts, incidents, MITRE
  • Basic cloud concepts (AWS / Azure / GCP)

Full Syllabus: 12 Modules

M 1: EDR / XDR / XSIAM Foundation
  • AV vs EDR vs XDR vs XSIAM
  • Cortex XDR architecture
  • Cortex Data Lake
  • Why XDR replaces siloed tools
M 2: Cortex XDR Agent & Profiles
  • Agent installation: Windows, macOS, Linux
  • Profiles: Malware, Exploit, Restrictions
  • Block list / Allow list
  • Tamper protection
M 3: Detection Capabilities
  • Local Analysis & WildFire
  • Behavioral Threat Protection (BTP)
  • Identity Threat Detection
  • Network analytics
M 4: Investigation & IR
  • Causality chain & root cause analysis
  • Live Terminal / Live Response
  • Quarantine, isolate, kill
  • Forensics evidence collection
M 5: Hunting with XQL
  • XQL basics
  • Pre-built hunting queries
  • BIOC (Behavioral IOC) authoring
  • MITRE-mapped hunts
M 6: Cortex XSOAR Basics
  • XSOAR overview
  • Playbook design
  • Common SOC automations
  • Integrations marketplace
M 7: Prisma Cloud, CNAPP Foundation
  • CSPM, CWPP, CIEM, IaC
  • Cloud onboarding: AWS, Azure, GCP
  • Asset Inventory
  • Compliance dashboards
M 8: Prisma Cloud, Workload Protection
  • Defenders: host, container, serverless
  • Runtime defense
  • Image scanning & CI/CD integration
  • Kubernetes admission control
M 9: Prisma Cloud, Code Security & IaC
  • Secrets scanning
  • IaC scanning (Terraform, CloudFormation)
  • Pipeline integration
  • Vulnerability prioritization
M 10: WAAS, App & API Security
  • WAAS architecture
  • OWASP rules in Prisma Cloud
  • API discovery & protection
M 11: Real-World SOC + Cloud Use Cases
  • Ransomware kill chain on endpoint
  • Cloud misconfiguration → compromise
  • Container runtime attack
  • Insider exfil from cloud
M 12: Cert Path & Interview Prep
  • XSIAM / Cortex XDR specialty
  • Prisma Cloud certification overview
  • SOC L2 / L3 + cloud security interview question bank

What You Get

40 Hours

Live + recorded sessions for EDR + cloud security.

Walkthroughs

Recorded admin demos; vendor labs are read-only.

Real Case Studies

Ransomware chain, cloud misconfig exploit, container runtime attack, IaC scanning in CI/CD.

Interview Q&A

SOC + cloud security question bank.

๐Ÿ†

Certificate

Techclick Infosec course completion certificate.

WhatsApp Group

Doubt-clearing batch group with the trainer.

Your Instructor

Trained by working senior cloud and network security engineers with 13+ years of hands-on enterprise experience across EDR, XDR, Prisma Cloud, SOC operations and CNAPP.

FAQ

Q 1: Hands-on labs?

Vendor labs are read-only. We use recorded admin demos and screenshot-based config exercises across XDR and Prisma Cloud.

Q 2: Why bundle EDR + Prisma Cloud?

Both come from the Cortex / Prisma family and most large enterprises run them together. Bundle = better job profile.

Q 3: Cert path?

XSIAM / Cortex XDR specialty + Prisma Cloud certification. Module 12 covers blueprints.

Q 4: Duration?

About 40 hours over 5–6 weeks.

Q 5: Placement help?

CV review and interview prep.

Endpoint + Cloud, one course.

Talk to us about the next batch.