Palo Alto ATC Logo
  1. Training
  2. Palo Alto Networks
  3. Palo Alto Networks EDU-260

Palo Alto Networks EDU-260

Cortex XDR: Prevention, Analysis, and Response

Palo Alto ATC Logo

Please note: At the end of October 2024, Palo Alto Networks announced the restructuring of the existing certification program. Among other things, this has an impact on the previous PCNSA and PCNSE certifications. The PCNSA exam was discontinued on 31.01.2025.

The course replaces the previous training courses EDU-281 - Traps 4.x: Install, Configure and Manage, EDU-285 - Traps 4.x: Deploy and Optimize and EDU-290 - Traps: Cloud Service Operations.

This training will enable you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and shows you how to install the agents on your endpoints and how to create security profiles and policies. You will also learn how to perform and track response actions, tune profiles and work with Cortex XDR alerts. The training concludes with introductory modules on basic agent troubleshooting, the local broker VM component and Cortex XDR deployment.

Course Contents

  • Cortex XDR Family Overview
  • Working with the Cortex Apps
  • Getting Started with Endpoint Protection
  • Malware Protection
  • Exploit Protection
  • Exceptions and Response Actions
  • Behavioral Threat Analysis
  • Cortex XDR Rules
  • Incident Management
  • Alert Analysis Views
  • Search and Investigate
  • Basic Troubleshooting

E-Book Symbol You will receive the original course documentation by Palo Alto in English language as an e-book.

Request in-house training now

Target Group

Cybersecurity analysts and engineers, security operations specialists, administrators and product developers.

Knowledge Prerequisites

The participants must be familiar with the provision of enterprise products as well as with network and security concepts.

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Hybrid training

Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request in-house training now
PDF SymbolYou can find the complete description of this course with dates and prices ready for download at as PDF.

Please note: At the end of October 2024, Palo Alto Networks announced the restructuring of the existing certification program. Among other things, this has an impact on the previous PCNSA and PCNSE certifications. The PCNSA exam was discontinued on 31.01.2025.

The course replaces the previous training courses EDU-281 - Traps 4.x: Install, Configure and Manage, EDU-285 - Traps 4.x: Deploy and Optimize and EDU-290 - Traps: Cloud Service Operations.

This training will enable you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and shows you how to install the agents on your endpoints and how to create security profiles and policies. You will also learn how to perform and track response actions, tune profiles and work with Cortex XDR alerts. The training concludes with introductory modules on basic agent troubleshooting, the local broker VM component and Cortex XDR deployment.

Course Contents

  • Cortex XDR Family Overview
  • Working with the Cortex Apps
  • Getting Started with Endpoint Protection
  • Malware Protection
  • Exploit Protection
  • Exceptions and Response Actions
  • Behavioral Threat Analysis
  • Cortex XDR Rules
  • Incident Management
  • Alert Analysis Views
  • Search and Investigate
  • Basic Troubleshooting

E-Book Symbol You will receive the original course documentation by Palo Alto in English language as an e-book.

Request in-house training now

Target Group

Cybersecurity analysts and engineers, security operations specialists, administrators and product developers.

Knowledge Prerequisites

The participants must be familiar with the provision of enterprise products as well as with network and security concepts.

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Hybrid training

Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request in-house training now

PDF SymbolYou can find the complete description of this course with dates and prices ready for download at as PDF.
ExperTeach Identifier: P260
Duration & Prices
Prices excl. V.A.T.
Classes in Germany
3 days
€ 2,395
Online training
3 days
€ 2,395
Date City
20250623 2 3 06/23/-06/25/25 Hybrid Training Symbol Deutsche Flagge Frankfurt
20250623 2 3 06/23/-06/25/25 Hybrid Training Symbol Deutsche Flagge Live Online
20251103 2 3 11/03/-11/05/25 Hybrid Training Symbol Deutsche Flagge Frankfurt
20251103 2 3 11/03/-11/05/25 Hybrid Training Symbol Deutsche Flagge Live Online
No suitable date?
Please just ask us for your preferred date!

Hybrid Training Symbol Hybrid Training

Deutsche Flagge Trainer language German