Cisco XDR Workshop

4 hours

Cisco XDR (Extended Detection and Response) provides visibility and actionable insights across networks, clouds, email, endpoints and applications to help security operations center teams simplify the detection, investigation and remediation of threats across their environment.

What to Expect

Learn how Cisco XDR can collect, correlate and provide prioritized insights into security activities and incidents with WWT's Cisco XDR Workshop. You'll work with Cisco and WWT experts to get information and hands-on experience with the following:

  • Learning the features and functionality of the Cisco XDR modules, including visualization, threat hunting, incident handling and remediation
  • Dashboarding information critical to SOC analysts
  • Integrating Cisco and third-party telemetry, including Cisco Umbrella, Secure Endpoint, CrowdStrike, Amazon Web Services and Cohesity
  • Exploring casebooks, incidents and other investigation tools and techniques
  • Providing custom automation workflows to speed remediation

Goals & Objectives

WWT's hands-on Cisco XDR Workshop will show participants how Cisco XDR can aid security operations teams with incident handling and threat hunting using a single platform collecting telemetry from numerous sources. Attendees will experience basic setup and use of Cisco XDR for incident response and remediation.

This workshop will include:

  • Overview of the Cisco XDR platform and architecture.
  • Discussion of product and intelligence integration into Cisco XDR.
  • Discussion of MITRE ATT&CK framework and mapping to Cisco XDR.
  • Overview of remediation techniques and playbooks provided by Cisco XDR.
  • Hands-on experience with the product in a lab environment with simulated attacks. 


The benefits of Cisco XDR include centralizing telemetry, alerts, incidents and remediation actions to minimize the number of dashboards required for your security operations teams to effectively secure your organization.