CTIA - Certified Threat Intelligence Analyst
CLASS DATE(s):
6/17/2020 - 6/21/2020
8/5/2020 - 8/7/2020

COURSE LENGTH: 3 Days

COURSE COST: $1799.00

COURSE TIMES: 8:00 am to 5:00 pm


COURSE OVERVIEW

This 3-day course, Certified Threat Intelligence Analyst (C|TIA), is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence.

C|TIA is a method-driven program that uses a holistic approach, covering concepts from planning the threat intelligence project to building a report to disseminating threat intelligence. These concepts are highly essential while building effective threat intelligence and, when used properly, can secure organizations from future threats or attacks.
This program addresses all the stages involved in the Threat Intelligence Life Cycle.

AUDIENCE AND PREREQUISITES

Who Is It For?
Ethical Hackers
Security Practitioners, Engineers, Analysts, Specialists, Architects, and Managers
Threat Intelligence Analysts, Associates, Researchers, Consultants
Threat Hunters
SOC Professionals
Digital Forensic and Malware Analysts
Incident Response Team Members
Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.
Individuals from the information security profession who want to enrich their skills and knowledge in the field of cyber threat intelligence.
Individuals interested in preventing cyber threats.

  

*Course cost listed does not include the cost of courseware iLabs, Aspen Dashboard Access Application fee or Exam. Please contact us at learn@vtec.org or 207-775-0244 for additional pricing information, or if you have any questions. This course is subject to a minimum enrollment to run. If enrollment is low, the class can be run live online.

COURSE TOPICS:


Module 01: Introduction to Threat Intelligence
Understanding Intelligence
Intelligence Definition and Essential Terminology
Intelligence vs. Information vs. Data
Intelligence-Led Security Testing (Background and Reasons)
Understanding Cyber Threat Intelligence
Cyber Threat Intelligence (CTI)
Cyber Threat Intelligence Stages, Characteristics of Threat Intelligence
Benefits of CTI, Enterprise Objectives for Threat Intelligence Programs
Types of Threat Intelligence: Strategic, Tactical, Operational, Technical
Threat Intelligence Generation, Informed Risk Management
Integration of Threat Intelligence into SIEM
Leverage Threat Intelligence for Enhanced Incident Response

Overview of Threat Intelligence Lifecycle and Frameworks
Threat Intelligence Lifecycle, Threat Analyst Roles in Threat Intelligence Lifecycle
Threat Intelligence Strategy, Capabilities
Capabilities to Look for in Threat Intelligence Solution
Threat Intelligence Maturity Model, Frameworks
Collective Intelligence Framework (CIF)
CrowdStrike Cyber Threat Intelligence Solution
NormShield Threat and Vulnerability Orchestration
MISP - Open Source Threat Intelligence Platform
TC Complete, Yeti, ThreatStream
Additional Threat Intelligence Frameworks

Module 02: Cyber Threats and Kill Chain Methodology
Understanding Cyber Threats, Overview of Cyber Threats
Cyber Security Threat Categories, Threat Actors/Profiling the Attacker, Threat: Intent, Capability, Opportunity Triad
Motives, Goals, and Objectives of Cyber Security Attacks
Hacking Forums
Understanding Advanced Persistent Threats (APTs)
Advanced Persistent Threats (APTs)
Characteristics of Advanced Persistent Threats (APTs), Advanced Persistent Threat Lifecycle
Understanding Cyber Kill Chain, Cyber Kill Chain Methodology
Tactics, Techniques, and Procedures (TTPs), Adversary Behavioral Identification, Kill Chain Deep Dive Scenario - Spear Phishing
Understanding Indicators of Compromise (IoCs), Indicators of Compromise (IoCs)
Why Indicators of Compromise Are Important, Categories of IoCs
Key Indicators of Compromise, Pyramid of Pain

Module 03: Requirements, Planning, Direction, and Review
Understanding Organization's Current Threat Landscape
Identify Critical Threats to the Organization
Assess Current Security Team's Structure and Competencies
Understand Organization's Current Security Infrastructure and Operations, Assess Risks for Identified Threats
Map out Organization's Ideal Target State
Identify Intelligence Needs and Requirements
Define Threat Intelligence Requirements, Threat Intelligence Requirement Categories
Business Needs and Requirements, Business Units, Internal Stakeholders, and Third-Parties
Intelligence Consumers Needs and Requirements
Priority Intelligence Requirements (PIRs)
Factors for Prioritizing Requirements, MoSCoW Method for Prioritizing Requirements, Prioritize Organizational Assets
Scope Threat Intelligence Program, Rules of Engagement, Non-Disclosure Agreements, Avoid Common Threat Intelligence Pitfalls

Planning Threat Intelligence Program
Prepare People, Processes, and Technology, Develop a Collection Plan
Schedule Threat Intelligence Program, Plan a Budget
Develop Communication Plan to Update Progress to Stakeholders
Aggregate Threat Intelligence, Select a Threat Intelligence Platform, Track Metrics to Keep Stakeholders Informed
Establishing Management Support, Prepare Project Charter and Policy to Formalize the Initiative
Establish Your Case to Management for a Threat Intelligence Program and Apply a Strategic Lens
Building a Threat Intelligence Team, Satisfy Organizational Gaps with the Appropriate Threat Intelligence Team
Understand different Threat Intelligence Roles and Responsibilities, Identify Core Competencies and Skills, Define Talent Acquisition Strategy
Building and Positioning an Intelligence Team, How to Prepare an Effective Threat Intelligence Team
Overview of Threat Intelligence Sharing, Establishing Threat Intelligence Sharing Capabilities
Reviewing Threat Intelligence Program

Module 04: Data Collection and Processing
Overview of Threat Intelligence Data Collection
Overview of Threat Intelligence Collection Management
Overview of Threat Intelligence Feeds and Sources
Understanding Threat Intelligence Data Collection and Acquisition
Data Collection through Web Services
Data Collection through Website Footprinting
Data Collection through Emails
Data Collection through Whois Lookup
Data Collection through DNS Interrogation
Automating OSINT effort using Tools/Frameworks/Scripts
Data Collection through Cyber Counterintelligence (CCI)
Data Collection through Indicators of Compromise (IoCs)

IoC Data Collection through Internal Sources
Tools for IoC Data Collection through Internal Sources
Data Collection through Building Custom IoCs
Tools for Building Custom IoCs
Data Collection through Malware Analysis
Understanding Bulk Data Collection
Understanding Data Processing and Exploitation

Module 05: Data Analysis
Overview of Data Analysis
Understanding Data Analysis Techniques
Analysis of Competing Hypotheses (ACH)
ACH Tool
Structured Analysis of Competing Hypotheses (SACH)
Other Data Analysis Methodologies
Overview of Threat Analysis
Understanding Threat Analysis Process
Threat Modeling Methodologies
Threat Modeling Tools, Enrich the Indicators with Context
Enhance Threat Analysis Process with the Diamond Model Framework
Validating and Prioritizing Threat Indicators

Overview of Fine-Tuning Threat Analysis
Understanding Threat Intelligence Evaluation
Creating Runbooks and Knowledge Base
Overview of Threat Intelligence Tools
Threat Intelligence Tools

Module 06: Intelligence Reporting and Dissemination
Overview of Threat Intelligence Reports
Introduction to Dissemination
Participating in Sharing Relationships
Overview of Sharing Threat Intelligence
Overview of Delivery Mechanisms
Understanding Threat Intelligence Sharing Platforms
Overview of Intelligence Sharing Acts and Regulations
Overview of Threat Intelligence Integration