Splunk SOAR Certified Automation Developer exam

Splunk SOAR Certified Automation Developer exam

The Splunk SOAR Certified Automation Developer exam, previously known as the Splunk Phantom Certified Admin Exam, validates your ability to install, configure, and manage Splunk SOAR (Security Orchestration, Automation, and Response)  platforms. Earning this certification demonstrates your proficiency in using Splunk SOAR to automate security workflows, streamline incident response processes, and enhance your organization's security posture.

Who Should Take This Exam?

• Deepen their expertise: Specialize in automating security processes using Splunk SOAR.
• Advance their careers: Qualify for roles involving Splunk SOAR administration and automation development.
• Validate their skills: Demonstrate their knowledge and expertise to potential employers in the security operations field.

Course Outline

Topic 1: Deployment, Installation, and Initial Configuration 5%

Topic 2: User Management and Multi-tenancy 5%

Topic 3: Apps, Assets, and Playbooks 5%

Topic 4: Analyst Queue 5%

Topic 5: The Investigation Page 10%

Topic 6: Case Management and Workbooks 5%

Topic 7: Customizations 5%

Topic 8: System Maintenance 5%

Topic 9: Introduction to Playbooks 5%

Topic 10: Visual Playbook Editor 5%

Topic 11: Logic, Filters, and User Interaction 5%

Topic 12: Formatted Output and Data Access 5%

Topic 13: Modular Playbook Development 5%

Topic 14: Custom Lists and Data Routing 5%

Topic 15: Configuring External Splunk Search 5%

Topic 16: Integrating Phantom into Splunk 10%

Topic 17: Custom Coding 5%

Topic 18: Using REST 5%