Learning Objectives

After completing this course, you will be able to:

  • Create security workflows using out-of-the-box SOAR and Content Pack blueprints 
  • Build custom security workflows using Workflow Automation and the AWS integration
  • Run security workflows from Cloud SIEM security signals
  • Automatically remediate threats using security workflows and security notification rules

Primary Audience

This course is designed for cloud security engineers, platform engineers, and incident responders interested in automated remediation for threats and attacks in a public cloud environment.

Prerequisites

The prerequisites for this course are the following:

Technical Requirements

In order to complete the course, you will need:

  • Google Chrome or Firefox

Course Navigation

At the bottom of each lesson, click the MARK LESSON COMPLETE AND CONTINUE button so that you are marked complete for each lesson and can receive the certificate at the end of the course.

Course Enrollment Period

Please note that your enrollment in this course ends after 30 days. You can re-enroll at any time and pick up where you left off.

Course curriculum

    1. Introduction

    1. Building Security Workflows

    2. Security Workflow Use Cases and Patterns

    3. Automating Remediation and Response

    1. Lab Overview

    2. Lab: Automate Security Workflows with Cloud SIEM and Workflow Automation

    1. Summary and Resources

    2. Feedback Survey

Automate Threat Investigation and Remediation with Security Workflows

  • 1 hours to complete
  • Intermediate