FortiSOAR Design and Development

60 hours
All levels
10 lessons
0 quizzes
0 students

In this three-day class, you will learn how to use FortiSOAR to design simple to complex playbooks. You will learn to create your own dashboards using various built-in widgets, and install widgets from the widget library. You will review the dashboards that are built into FortiSOAR and learn to edit them according to your requirements. In practical labs, you will explore the role of FortiSOAR in mitigating malicious indicators and creating interactive dashboards to display relevant information about alerts and incidents. You will design a playbook to extract indicators from a phishing email alert. You will also design a playbook to enrich those indicators using connectors to query threat intelligence platforms, such as FortiGuard. You will also design a playbook to mitigate malicious indicators by blocking them on FortiGate. You will configure a FortiSIEM connector to ingest incidents into FortiSOAR.

Understanding of Python programming language 

Program and games creation using Python 2 & 3 

Knowledge of GUI creation 

Advanced Python features such as collections module & timestamps 

Students and freshers with interest in coding 

IT professionals looking for a domain with utmost job security 

Non-IT professionals willing to enter into IT with easy coding


Organizations focusing on leveraging Python on a large scale 

Titles

Agenda

Introduction to FortiSOAR

Dashboard Templates and Widgets

Module Templates and Widgets

Application Editor

Dynamic Variable and Values

Jinja Filters, Functions, and Conditions

Introduction to Playbooks

Playbook Core Steps

Playbook Evaluate Steps

Playbook Connectors, Data Ingestion, and Execution Steps

STUDENTS

Objectives

Identify the role of FortiSOAR in a SOC environment

Plan a FortiSOAR deployment

Manage incidents and alerts in a SOC environment

Explore, create, and customize dashboards

Explore the structure of a template

Create, customize, and analyze various dashboard widgets

Create, customize, and publish modules

Search for records and filter search records

Analyze field-type options in the field editor

Categorize playbook trigger types

Build a user prompt from a manual trigger step

Understand the basics of Jinja syntax

Define variables and dictionaries in Jinja

Configure step utilities within a playbook step

Configure various core steps of a playbook

Use the advanced editor within a playbook step

Analyze the details of an approval record

Review the connector store

Understand connector configuration

Configure different modes of data ingestion

Configure data ingestion from FortiSIEM

Install and configure connectors and apply them to a playbook

Configure various utility steps

Configure referenced playbooks

Configure and use dynamic variables and values

Use expressions to customize playbook input and outputs

Use common Jinja filters and functions

Use the json_query filter to extract data from complex data structures

Configure for loop functions and if statements

Attend

Who Should Attend

This course is intended for cybersecurity professionals responsible for planning, designing, and customizing FortiSOAR deployments, integrating FortiSOAR with FortiGate, FortiSIEM, and FortiMail, and FortiSOAR playbook design and development.

INCLUDES

Prerequisites

FortiGate

FortiSIEM

FortiMail
