Cyber Threat Intelligence Analysis

This five (5)-day Instructor-Led Training (ILT) course teaches network defenders to collect, analyze and apply targeted cyber intelligence to defensive operations in order to proactively act on and adapt to sophisticated and dedicated attacks by cyber adversaries. As malicious software incorporates more advanced counter-detection techniques, the limited signature and heuristic analysis capabilities of anti-virus software and Intrusion Detection and Prevention Systems (IDS/IPS) become less and less effective. White-listing and sandboxing technologies have proven to mitigate many host-based attacks, but additional methodologies of analysis and attribution of known and unknown APT actors are needed to positively identify and prioritize the most formidable threats to the network. This course applies the Intelligence Cycle to the full-spectrum exercise of proactive network defense. It is intended as the core competency of Threat Intelligence operations and as the precursor to additional technical intelligence collection courses. It further serves to provide students with the all-source methodology of employing cyber collection sources and disciplines in a cumulative effort to apply to network defensive postures. When properly employed, this process fosters a cyber environment of preemptive action and provides network defenders and operators with an understanding of the tools, techniques and procedures (TTPs) needed to generate the timely and relevant intelligence that is required to preemptively apply network fortifications before compromise and to respond to cyber events in an expeditious manner.

Students will learn how to apply all-source cyber intelligence-informed operational methodologies, including proactive cyber analysis, to accurately identify risks from specific threats. This is delivered through method-driven instruction of Intelligence Analysis techniques taught by experienced Intelligence Community (IC) professionals. The instructors will teach the intelligence-driven operations cycle – data collection, exploitation, analysis, reporting and dissemination – to develop the student’s methods of identifying threats and assessing and prioritizing risk. Students will be introduced to cyber intelligence sourcing, risk management and assessment, indicators of compromise, application and assessment of adversarial profiles and TTPs to proactively defend networks.

The principle objective of this course is to equip network defenders, intelligence analysts, and other security operations personnel with a modern methodology to characterizing, investigating, attributing, and responding to advanced cyber threats in a collaborative, real-time environment. Students should expect to leave this course with proficiency in intelligence-driven network defense operations.

MODULES IN THIS COURSE

• Module 1: Introduction To Threat Intelligence
• Module 2: Planning & Requirements
• Module 3: Collection & Exploitation Operations
• Module 4: Analysis, Reporting & Dissemination
• Module 5: Culmination Exercise

TARGET AUDIENCE:

Individuals that are tasked with network defense, internal risk assessment or the analysis of cyber threats to their respective organizations network.

PREREQUISITES:

There are no required prerequisites for course attendance, but students will benefit from possessing a relative working knowledge of network defenses and networking.

COURSE LENGTH:

40 hours of course work, ideally delivered over 5 consecutive business days of a week.

TESTING/CERTIFICATION

Course includes a certificate of attendance.

PRICE:

$4,600

Feb
3
Mon
Cyber Threat Intelligence Analysis [CTIA] (Colorado Springs, CO)
Feb 3 – Feb 7 all-day
Mar
2
Mon
Cyber Threat Intelligence Analysis [CTIA] (Annapolis Junction, MD)
Mar 2 – Mar 6 all-day
Apr
6
Mon
Cyber Threat Intelligence Analysis [CTIA] (Colorado Springs, CO)
Apr 6 – Apr 10 all-day
May
11
Mon
Cyber Threat Intelligence Analysis [CTIA] (San Antonio, TX)
May 11 – May 15 all-day
Jun
22
Mon
Cyber Threat Intelligence Analysis [CTIA] (San Antonio, TX)
Jun 22 – Jun 26 all-day
Jul
20
Mon
Cyber Threat Intelligence Analysis [CTIA] (Colorado Springs, CO)
Jul 20 – Jul 24 all-day
Aug
3
Mon
Cyber Threat Intelligence Analysis [CTIA] (Honolulu, HI)
Aug 3 – Aug 7 all-day
Aug
31
Mon
Cyber Threat Intelligence Analysis [CTIA] (Colorado Springs, CO)
Aug 31 – Sep 4 all-day
Oct
26
Mon
Cyber Threat Intelligence Analysis [CTIA] (Colorado Springs, CO)
Oct 26 – Oct 30 all-day
Nov
16
Mon
Cyber Threat Intelligence Analysis [CTIA] (Colorado Springs, CO)
Nov 16 – Nov 20 all-day

Human-Led. Technology-Accelerated.

Email Call 719.368.3677 (M-F 8-5)