Course Code: cyberthreatintel
Duration: 35 hours
Prerequisites:
  • Basic understanding of cybersecurity principles and practices
  • Familiarity with network and information security concepts
  • Experience with IT systems and infrastructure

Audience

  • Cybersecurity professionals
  • IT security analysts
  • Security operations center (SOC) staff

Overview:

Cyber Threat Intelligence (CTI) is the process of collecting, analyzing, and utilizing information about potential or actual cyber threats and vulnerabilities to inform and improve an organization's cybersecurity posture.

This instructor-led, live training (online or onsite) is aimed at advanced-level cybersecurity professionals who wish to understand Cyber Threat Intelligence and learn the skills to effectively manage and mitigate cyber threats.

By the end of this training, participants will be able to:

  • Understand the fundamentals of Cyber Threat Intelligence (CTI).
  • Analyze the current cyber threat landscape.
  • Collect and process intelligence data.
  • Perform advanced threat analysis.
  • Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Course Outline:

Introduction to Cyber Threat Intelligence (CTI)

  • Definition and importance of CTI
  • Types of Cyber Threat Intelligence: Tactical, Operational, Strategic, Technical
  • Key concepts and terminologies
  • Understanding different types of cyber threats (malware, phishing, ransomware, etc.)
  • Historical perspective on cyber threats and attacks
  • Current trends in the cyber threat landscape
  • Stages of the intelligence lifecycle

Data Collection Methods

  • Sources of intelligence data (open source, dark web, internal sources)
  • Techniques for data collection
  • Tools and technologies used in data collection

Data Processing and Enrichment

  • Data processing techniques
  • Data normalization and enrichment
  • Automating data processing with tools

Intelligence Analysis Techniques

  • Analytical methodologies: link analysis, trend analysis, behavioral analysis
  • Tools for intelligence analysis
  • Practical exercises on data analysis

Introduction to Threat Intelligence Platforms (TIPs)

  • Overview of popular TIPs (e.g., MISP, ThreatConnect, Anomali)
  • Key features and functionalities of TIPs
  • Integration of TIPs with other security tools

Hands-On with Threat Intelligence Platforms

  • Practical session on setting up and using a TIP
  • Data ingestion and correlation
  • Customizing alerts and reports

Automation in Threat Intelligence

  • Importance of automation in CTI
  • Tools and techniques for automating threat intelligence processes
  • Practical exercises on automation scripts

Importance of Information Sharing

  • Benefits and challenges of sharing threat intelligence
  • Models and frameworks for information sharing (e.g., STIX/TAXII, OpenC2)

Building an Information Sharing Community

  • Best practices for establishing a sharing community
  • Legal and ethical considerations
  • Case studies of successful information-sharing initiatives

Collaborative Threat Intelligence Exercises

  • Conducting joint threat analysis
  • Role-playing scenarios for intelligence sharing
  • Developing strategies for effective collaboration

Advanced Threat Intelligence Techniques

  • Use of machine learning and AI in CTI
  • Advanced threat-hunting techniques
  • Emerging trends in CTI

Case Studies of Cyber Attacks

  • Detailed analysis of notable cyber attacks
  • Lessons learned and intelligence insights
  • Practical exercises on developing intelligence reports

Developing a CTI Program

  • Steps to build and mature a CTI program
  • Metrics and KPIs for measuring CTI effectiveness

Summary and Next Steps
