About Course
What you’ll learn
Understand Cyber Threat Intelligence (definition, objectives and specific vocabulary)
Understand and use CTI-specific models (Cyber Kill Chain, Diamond Model, MITRE ATT&CK, Pyramid of Pain)
Know how to do a threat actor primo-analysis (define intelligence requirements, collect information, analyze information and write a report)
Know how to do asset monitoring in the Darkweb (set up a virtual environment & VPN connection, monitor forums & marketplaces, monitor ransomware groups)
Know how to do C2 infrastructure hunting (pivot on SSL certificates and JARM fingerprints)
Requirements
There are no prerequisites for this class
Description
Cyber Threat Intelligence is a relatively new field within cyber security. As cyber attacks increase in both volume and sophistication, organizations have felt the need to anticipate future attacks by analyzing threat actors, their malware, modus operandi, motivations and possible affiliations.
Are you a young graduate in the field of cyber security, computer science, international relations & geopolitics?
Are you a junior cyber security professional (SOC analyst, CERT analyst)?
Are you interested in cyber security and would like to know more about Cyber Threat Intelligence?
If yes, this class will provide you with:
The theoretical foundations of Cyber Threat Intelligence with:
Definitions of the fundamentals (cyberspace, threat, intelligence, Indicators of Compromise, etc.)
Definition and explanation of CTI-specific models (Cyber Kill Chain, Diamond Model, Pyramid of Pain, MITRE ATT&CK)
Explanation of CTI objectives (Tactical level, Operational level, Strategic Level Intelligence)
Concrete examples of reports published nowadays
Quizzes to test your knowledge
The practical experience to complete CTI related tasks:
Primo-analysis of a threat actor (context, modus operandi analysis, assessment and recommendations)
Asset monitoring in the Darkweb (set up a virtual environment, VPN connection, identify Darkweb forums and ransomware group activities)
Adversary-controlled infrastructure hunting (SSL certificate pivoting and JARM fingerprint pivoting)
Resources for your future tasks as a CTI analyst:
OSINT report integration framework
Intelligence Workbook
Analysis and reports examples
This class is concise, straight to the point and well resourced. Enjoy the class and welcome to the CTI community!
Who this course is for:
Young graduates in the following fields: cyber security, computer science, international relations & geopolitics
Junior cyber security professionals (SOC analysts, CERT analysts)