This three-day course introduces the discipline of cyber intelligence
with a focus on the cyber intelligence lifecycle. It covers current
technology trends, common vulnerabilities and a review of noteworthy
cyber breaches and adversary activity. It also summarizes relevant
U.S. and international standards and policies.
After completing this course, learners should be able to:
- Clearly define cyber security intelligence and articulate the
importance and staffing of cyber threat intelligence (CTI)
- Identify and develop source data for CTI
- Explain the concepts and interactions between cyber key terrain,
cyber security intelligence, quality assessments, indicators of
compromise and threat modeling
- Document threats effectively
to develop raw data into minimally viable intelligence and write
better intelligence reports
- Detail ways to counter
analytical biases and explain the FireEye Threat Model to better
- Understand how intelligence analysts
convert raw threat data into actionable intelligence
Who Should Attend
Managers of technical information security teams and analytic and
technical professionals familiar with threat intelligence.
Working understanding of basic information security principles and
general understanding of threat intelligence.
What to Bring
Learners will need to bring a computer with Windows 7 or newer
operating system installed, Core i5 or equivalent processor, 6 GB
(preferably 8 GB) of RAM and 25 GB or more of free HDD space.
Virtual machines are acceptable provided at least 4 GB of RAM can be
allocated. Learners must provide their own copies of and licenses for Windows.
Learners will receive a lab book and USB thumb drive containing all
required class materials and tools.