Solution overview

"XDR is a Security Operations Productivity Tool."
- Aaron Woland

XDR won't replace a SIEM for an analyst or incident responder who relies on the deep query and playbook capabilities inside a SIEM, and this is not a highly intricate lab on threat queries and intelligence coordination. What XDR does do is enable people who are newer to incident response to act in a more impactful way, empowering security teams to act on threats to their environment even without the skills of a seasoned analyst at their disposal. This lab is a foundation for using Cisco's XDR for just that: empowering security operations teams and increasing their productivity.

Lab diagram


Technologies