Designed for SOC analysts, SIEM analysts, threat hunters, and incident responders, this course teaches you how to use CrowdStrike Query Language (CQL) to investigate events with speed and precision. Learn event structure fundamentals, basic query syntax, query writing techniques, and strategies for optimizing query performance.

Course availability: Monday, 2 Nov. | 9:00 – 17:00

View syllabus →

Get hands-on with CrowdStrike Falcon® Next-Gen SIEM in this advanced course designed for security leads, analysts, hunters, and operations specialists. Learn to investigate third-party data, correlate events for deeper context, and leverage CrowdStrike Falcon® Fusion SOAR automations to streamline detection and response. Build skills in continuous monitoring, advanced threat detection, and proactive threat hunting — all through intuitive dashboards that increase precision and speed response.

Course availability: Monday, 2 Nov. | 9:00 – 17:00

View syllabus →

Learn to design and implement security orchestration workflows using Falcon Fusion SOAR to enhance incident response and security operations efficiency. This course provides practical skills to create workflow architectures incorporating triggers, conditions, and actions. Participants will explore intelligent triage workflows for alert classification and prioritization, develop multi-stage response orchestrations that coordinate actions across security systems, and learn automated remediation techniques for containment, eradication, and recovery processes. Through hands-on labs and real-world scenarios, students will gain experience with testing methodologies, debugging techniques, and observability practices essential for maintaining workflow reliability in enterprise security environments.

Course availability: Monday, 2 Nov. | 9:00 – 17:00