courses
Free to Start

Advanced Cyber Threat Intelligence

Do you want to take your cyber threat intelligence skills to the next level so you can better protect your organization? Learn to leverage existing data sources, reduce false positives, and use models like the Cyber Kill Chain, and the MITRE ATT&CK framework to structure your analysis in this Advanced Cyber Threat Intelligence course.
4
Share
Start CourseSubscribe for UpdatesNeed to train your team? Learn more
Start Course for FreeNeed to train your team? Learn more
4
13
M
Time
advanced
difficulty
5
ceu/cpe

Course Content

Module 1: Introduction
Module 2: Collection
Module 3: Data Management and Processing
Module 4: Analysis
Module 5: Campaign Analysis
Module 6: Attribution
Module 7: Dissemination and Sharing
Module 8: Summary
Course Assessment
8.1 Summary

7m

Module 8: Summary
7.1 Introduction to Dissemination

7m

Module 7: Dissemination and Sharing
6.1 Introduction to Attribution

8m

Module 6: Attribution
4.1 Introduction to Analysis

5m

Module 4: Analysis
5.1 Introduction to Campaigns

5m

Module 5: Campaign Analysis
3.1 Introduction to Data Processing

6m

Module 3: Data Management and Processing
2.1 Introduction to Data Collection

4m

Module 2: Collection
1.1 Course Introduction

8m

Module 1: Introduction
7.2 Tactical Intelligence

7m

Module 7: Dissemination and Sharing
6.2 Cognitive Biases

6m

Module 6: Attribution
3.2 Common CTI Standards Part 1

8m

Module 3: Data Management and Processing
4.2 Analysis of Competing Hypothesis

8m

Module 4: Analysis
5.2 Heatmap Analysis

6m

Module 5: Campaign Analysis
2.2 Internal Data Acquisition

7m

Module 2: Collection
1.2 Introduction to the Intelligence Lifecycle

7m

Module 1: Introduction
7.3 Operational Intelligence

5m

Module 7: Dissemination and Sharing
6.3 Logical Fallacies

7m

Module 6: Attribution
5.3 Visual Analysis

6m

Module 5: Campaign Analysis
3.3 Common CTI Standards Part 2

4m

Module 3: Data Management and Processing
4.3 Cyber Kill Chain and Diamond Model

11m

Module 4: Analysis
2.3 External Data Sources

7m

Module 2: Collection
6.4 How to Manage Biases

5m

Module 6: Attribution
4.4 Cyber Kill Chain and Courses of Action Matrix

9m

Module 4: Analysis
2.4 Private Data Sources Part 1

8m

Module 2: Collection
6.5 Nation-State Attribution Part 1

8m

Module 6: Attribution
Course Description

Cyber threats keep getting more complex and sophisticated and security teams cannot continue playing whack-a-mole. Basic methods and tools are no longer efficient against these emerging threats. This is why moving towards more data driven security is a necessity and of course all of this requires specific skills that you will be learning through this course. This course, Advanced Cyber Threat Intelligence, is built with the intelligence cycle in mind to create a consistent image and a logical sequence of how to build and leverage a Threat Intelligence program.

So, you will be interested to enroll in the course if you already have some basic knowledge about cyber threat intelligence and you are looking for a course to enhance your existing skills, or perhaps you are building a new Cyber Threat Intelligence program for your organization. The advanced Cyber Threat Intelligence course will benefit security practitioners and individuals interested in preventing cyber threats. In this course, we will discuss how Threat Intelligence can help you leverage your existing data sources to extract useful information and how to find complementary information and intelligence from external sources. We will also explain how to get actionable data through the process of vetting and the importance of this task to reduce efforts on false positives investigations.

The next part will be dealing with analysis of intrusion and campaigns. It can help you structure your analysis using models and techniques like the Analysis of Competing Hypotheses, the Cyber Kill Chain and MITRE ATT&CK. A full part will be dedicated to campaign investigation and its sophisticated analysis methods such as Visual analysis and Heatmap analysis. Another interesting part of the analysis is attribution. Working on complex investigations can often lead to create confusion or even push analysts to use shortcuts to come up with conclusions especially related to attribution. At some point, it becomes a handicap to think properly but if the analysts are unable to identify these issues, they won’t be able to defeat them. For this reason, one of the modules will discuss biases and logical errors identification and giving advice on how to manage them.

And finally, one of the key concepts of Cyber Threat Intelligence is dissemination. Therefore, it is essential to choose the right format of intelligence to share based on your targeted audience (tactical, operational, strategic).

Prerequisites

  • Familiar with networking essentials
  • Familiar with security terminology (Firewall, SIEM, IPS, …)
  • Complete the “Intro to Cyber Threat Intelligence” course
  • Basic OSINT knowledge
  • Basic understanding of the Cyber Kill Chain
  • Basic understanding of data analysis

    • Course Goals

    By the end of this course, students should be able to:

  • Run a threat intelligence program for an organization
  • Collect and select relevant intelligence to enhance detection and response
  • Analyze a campaign using ACH
  • Understand the mindset of modern attackers and adapt detection & response strategies based on Cyber Threat Intelligence analysis
  • Challenge and manage biases in intrusion analysis
  • Provide actionable advice about emerging threats
    • Build and disseminate threat intelligence reports based on the intended audience

    This course is part of a Career Path:
    Become a SOC Analyst - Level 2
    This Career Path is for a Security Operations Center Analyst (SOC Analyst). This particular Career Path covers a more intermediate-level SOC role. As a SOC Analyst, your primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. That means that you are responsible for protecting both online and on-premise infrastructures, monitoring data to identify suspicious activity, and identifying and mitigating risks before there is a breach. In the event that a breach does occur, a SOC analyst will be on the front line, working to counter the attack. This career path is aligned to the Cyber Defense Incident Responder NICE/NIST Work Role.

    Instructed by

    Instructor
    Alyssa Berriche

    I am a Senior Cyber Threat Intelligence Analyst with 3+ years of professional experience in cybersecurity field and have been a cyber security college instructor for more than two years. My first steps in the cybersecurity field were during my college years, within the organization “SecuriNets," where I had the chance to become the president from 2014 to 2015 and participated on the organization of the national security day “Securiday."

    For my non-work-related activities, I’m a cat-mom, so taking care of my cats represents an important part of my day-to-day life. On my free time, I enjoy writing articles on my magazine (digitalys-mag.net), I do media coverage of geek events and cyber security events.

    I joined Cybrary as a regular member more than 2 years ago and I’ve been watching the growth of the platform and enrolled to few courses. I found out about the TA and Instructor programs though one of the email notifications, so I first applied as a TA and joined the community. Quickly after that I saw that there was a Cybrary course waiting for an instructor, so I wondered if it was the right time to give back to the community and start sharing. I applied for the instructor position and started my first course right away!

    Provider
    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a Advanced Cyber Threat Intelligence Certificate of Completion

    Coming mid-July
    Cybrary Reimagined.
    Level up with structured, role-aligned career paths.
    ALL NEW!
    Cybrary Reimagined.
    Celebrate Cybersecurity Awareness Month with our buy 2, get 1 offer!
    Level up with structured, role-aligned career paths.
    Valid until October 31. Elevate your skills today!
    Start Now
    This is the default text value
    career-paths
    career-path

    Heading

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Start CourseNeed to train your team? Learn More
    Start Path for FreeNeed to train your team? Learn More
    This is some text inside of a div block.
    Share

    Purpose Statement

    Cybrary Career Paths are comprehensive training programs designed to prepare you for the most in-demand roles in the cybersecurity workforce. Each path follows a Learn, Practice, Prove model and includes different activity types aligned to key topics within the path’s security domain. As you progress through the path, your progress will be measured in real time using Experience Points (XP) that serve as a comprehensive capability score for each topic. Upon completing all of the requirements for a path, you will be rewarded with a shareable digital badge via Credly.
    This is some text inside of a div block.
    This is some text inside of a div block.
    M
    Time
    This is some text inside of a div block.
    difficulty
    This is some text inside of a div block.
    ceu/cpe

    Overview

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Frequently Asked Questions
    No items found.
    What Will I Learn?
    Foundations
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Defensive Security
    Focused on trying to find the bad guys. Topics such as threat intelligence, threat hunting, network monitoring, incident response. Defensive security is a reactive measure taken once a vulnerability is found through prevention, detection, and response.
    Engineering and Operations
    Focused on building and operating information systems.
    Governance, Risk, and Compliance
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Leadership and Management
    Focused on program design and oversight. Covers project and program management.
    Offensive Security
    Focused on validating security controls by trying to break them (i.e. penetration testing or ethical hacking). Topics such as Kali Linux, metasploit, scanning, and privilege escalation. Offensive security seeks out the problem or vulnerability through ethical hacking and finds a solution to disable the operation.
    Offensive Security
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Path Outline

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Course Outline

    No items found.
    No items found.
    No items found.

    What Our Learners Are Saying

    Join 3 million+ users, including 96% of Fortune 1000 companies who use our platform to upskill their teams. See what the buzz is about - start learning for free!

    No items found.
    This is some text inside of a div block.
    threat-actor-campaigns
    threat-actor-campaigns