• Classroom
  • Online, Instructor-Led

In this course, you will learn how to use FortiSOAR to design simple to complex playbooks, examine the role of FortiSOAR in mitigating malicious indicators, and learn how to create interactive dashboards to display relevant information about alerts and incidents. You will also learn how to integrate FortiSOAR with FortiGate, FortiSIEM, and FortiMail.

Learning Objectives

  • Identify the role of FortiSOAR in a SOC environment
  • Plan a FortiSOAR deployment
  • Manage incidents and alerts in a SOC environment
  • Explore, create, and customize dashboards
  • Explore the structure of a template
  • Create, customize, and analyze dashboard widgets
  • Create, customize, and publish modules
  • Search for records and filter search records
  • Analyze field-type options in the field editor
  • Build a user prompt from a manual trigger step
  • Define variables and dictionaries in Jinja
  • Configure step utilities within a playbook step
  • Configure various core steps of a playbook
  • Configure different modes of data ingestion
  • Install/configure connectors and apply to a playbook
  • Configure various utility steps
  • Configure referenced playbooks
  • Configure and use dynamic variables and values
  • Use expressions to customize playbook input and outputs
  • Use common Jinja filters and functions
  • Use filters to extract data from complex data structures
  • Build loop functions and conditional statements

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):