by Dean Pompilio

Intro to Cyber Threat Intelligence

 

The CTI course consists of 12 information-packed modules. CTI is a critical function within any organization, involving analyst roles, methodologies, tools, teams, and policies. From threat analysis to the Cyber Kill Chain, learn it here.

Time: 4 hours
CEU/CPE: 4 hours
Difficulty: Intermediate
 
Course Description

The Cyber Threat Intelligence (CTI) course is taught by Cybrary SME, Dean Pompilio. It consists of 12 modules and provides a comprehensive introduction to CTI. The subject is an important one, and in addition to discussing tactics and methods, quite a bit of focus is placed on operational matters including the various CTI analyst roles.

The course starts off with discussing fundamental concepts such as defining CTI and the foundations of threat intelligence. Defining threats and how an organization will respond to them truly is the foundation of CTI. The collection of data, otherwise known as Intel, forms the basis of threat analysis. During the analysis phase of CTI, threats are identified which then trigger an incident response effort or campaign. Indicators of attack (IoA) and of compromise (IoC) serve to guide the threat identification and incident response efforts.

The middle modules of the CTI course delve into the roles of the various security analysts. These roles correspond to the three types of threat intelligence: tactical, operational, and strategic. The timelines for each type vary accordingly, with the tactical threat intelligence timeline being much shorter than the strategic one.

The duties of the various analysts also vary accordingly, with the tactical analyst responsible for maintaining a strong security posture by spending most of the time hunting threats and chasing down leads on suspicious behavior.

Conversely, the role of the strategic analyst is focused on the long-term defense of an organization and requires a big-picture view of things. The strategic analyst performs threat modeling using brainstorming exercises to better understand situations that can be exploited by an adversary. In Module 6, Dean reviews several NIST documents concerned with threat modeling.

The important topic of the Cyber Kill Chain (CKC) is fundamental to the course. It is first introduced in Module 7, and a deeper dive follows in Modules 9 and 10. The CKC is a seven-phase procedural model for identifying and responding to threats. It’s a somewhat complex concept but an extremely important tool for dealing with threats and adversaries.

The methodical nature of the CKC enables the analyst to respond efficiently to threats. Its use also minimizes the risk of false positives, which waste time and resources and can cost an analyst credibility. Modules 9 and 10 continue the examination of the CKC, with Module 10 concerned with the management of the CKC. Open lines of communication before, during, and after an event are a critical part of CTI.

The course concludes with an overview of some extremely useful and free resources for CTI. Module 11 presents some open source intelligence tools and resources. Dean demonstrates the open source Maltego tool and goes over its wealth of features. He also discusses a website that provides over 250 free OSINT resources. This course may be an introduction to CTI, but Dean packs an incredible wealth of information into it!

 

How do I earn my Certificate of Completion?

1. Complete Intro to Cyber Threat Intelligence on Cybrary

2. Earn 25 Cybytes by logging in, completing lessons and sharing courses and other content

3. Use your Cybytes to earn your Cybrary verified Certificate of Completion
