The Palo Alto Networks XSOAR Engineer certification validates the knowledge and skills required for skilled engineers to deploy, configure, manage, integrate, and troubleshoot Cortex XSOAR solutions in security operations environments.
Target Audience: Security operations engineers, XSOAR specialists, SOC engineers, automation engineers, playbook developers, security architects, and support engineers.
Skills Required
- Security operations and incident response workflows
- Network security, infrastructure, protocols, and topology
- Endpoint OS fundamentals and security integration
- Familiarity with SIEM, EDR, threat intel platforms, ticketing systems, email security
- Programming/scripting (Python, JavaScript, PowerShell)
- Automation principles for incident handling
- Data source integration, log normalization, parsing
- Integration methodologies and REST APIs
- MITRE ATT&CK framework knowledge
- Proficiency with JSON and data transformation (mapping, filtering, transformers)
Recommended training for this certification
To prepare for this certification exam, we recommend that you first review the topics and subtopics in the datasheet, and then complete the courses found in the digital learning path and attend the instructor-led courses below as needed.