CTIA - Certified Threat Intelligence Analyst
8/5/2020 - 8/7/2020
COURSE LENGTH:
8:00am to 5:00 pm
This 3-day course, Certified Threat Intelligence Analyst (C|TIA), is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence.
AUDIENCE AND PREREQUISITES
C|TIA is a method-driven program that uses a holistic approach, covering concepts from planning the threat intelligence project to building a report to disseminating threat intelligence. These concepts are highly essential while building effective threat intelligence and, when used properly, can secure organizations from future threats or attacks.
This program addresses all the stages involved in the Threat Intelligence Life Cycle.
Who Is It For?
Security Practitioners, Engineers, Analysts, Specialists, Architects, and Managers
Threat Intelligence Analysts, Associates, Researchers, Consultants
Digital Forensic and Malware Analysts
Incident Response Team Members
Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.
Individuals from the information security profession who want to enrich their skills and knowledge in the field of cyber threat intelligence.
Individuals interested in preventing cyber threats.
*Course cost listed does not include the cost of courseware, iLabs, Aspen Dashboard Access, Application fee or Exam. Please contact us at firstname.lastname@example.org or 207-775-0244 for additional pricing information, or if you have any questions. This course is subject to a minimum enrollment to run. If enrollment is low, the class can be run live online.

Module 01: Introduction to Threat Intelligence
Understanding Intelligence; Intelligence Definition and Essential Terminology; Intelligence vs. Information vs. Data; Intelligence-Led Security Testing (Background and Reasons); Understanding Cyber Threat Intelligence; Cyber Threat Intelligence (CTI); Cyber Threat Intelligence Stages; Characteristics of Threat Intelligence; Benefits of CTI; Enterprise Objectives for Threat Intelligence Programs; Types of Threat Intelligence: Strategic, Tactical, Operational, Technical; Threat Intelligence Generation; Informed Risk Management; Integration of Threat Intelligence into SIEM; Leverage Threat Intelligence for Enhanced Incident Response; Overview of Threat Intelligence Lifecycle and Frameworks; Threat Intelligence Lifecycle; Threat Analyst Roles in Threat Intelligence Lifecycle; Threat Intelligence Strategy, Capabilities; Capabilities to Look for in Threat Intelligence Solution; Threat Intelligence Maturity Model; Frameworks; Collective Intelligence Framework (CIF); CrowdStrike Cyber Threat Intelligence Solution; NormShield Threat and Vulnerability Orchestration; MISP - Open Source Threat Intelligence Platform; TC Complete; Yeti; ThreatStream; Additional Threat Intelligence Frameworks

Module 02: Cyber Threats and Kill Chain Methodology
Understanding Cyber Threats; Overview of Cyber Threats; Cyber Security Threat Categories; Threat Actors/Profiling the Attacker; Threat: Intent, Capability, Opportunity Triad; Motives, Goals, and Objectives of Cyber Security Attacks; Hacking Forums; Understanding Advanced Persistent Threats (APTs); Advanced Persistent Threats (APTs); Characteristics of Advanced Persistent Threats (APTs); Advanced Persistent Threat Lifecycle; Understanding Cyber Kill Chain; Cyber Kill Chain Methodology; Tactics, Techniques, and Procedures (TTPs); Adversary Behavioral Identification; Kill Chain Deep Dive Scenario - Spear Phishing; Understanding Indicators of Compromise (IoCs); Indicators of Compromise (IoCs); Why Are Indicators of Compromise Important?; Categories of IoCs; Key Indicators of Compromise; Pyramid of Pain

Module 03: Requirements, Planning, Direction, and Review
Understanding Organization's Current Threat Landscape; Identify Critical Threats to the Organization; Assess Current Security Team's Structure and Competencies; Understand Organization's Current Security Infrastructure and Operations; Assess Risks for Identified Threats; Map out Organization's Ideal Target State; Identify Intelligence Needs and Requirements; Define Threat Intelligence Requirements; Threat Intelligence Requirement Categories; Business Needs and Requirements; Business Units, Internal Stakeholders, and Third-Parties; Intelligence Consumers Needs and Requirements; Priority Intelligence Requirements (PIRs); Factors for Prioritizing Requirements; MoSCoW Method for Prioritizing Requirements; Prioritize Organizational Assets; Scope Threat Intelligence Program; Rules of Engagement; Non-Disclosure Agreements; Avoid Common Threat Intelligence Pitfalls; Planning Threat Intelligence Program; Prepare People, Processes, and Technology; Develop a Collection Plan; Schedule Threat Intelligence Program; Plan a Budget; Develop Communication Plan to Update Progress to Stakeholders; Aggregate Threat Intelligence; Select a Threat Intelligence Platform; Track Metrics to Keep Stakeholders Informed; Establishing Management Support; Prepare Project Charter and Policy to Formalize the Initiative; Establish Your Case to Management for a Threat Intelligence Program and Apply a Strategic Lens; Building a Threat Intelligence Team; Satisfy Organizational Gaps with the Appropriate Threat Intelligence Team; Understand different Threat Intelligence Roles and Responsibilities; Identify Core Competencies and Skills; Define Talent Acquisition Strategy; Building and Positioning an Intelligence Team; How to Prepare an Effective Threat Intelligence Team; Overview of Threat Intelligence Sharing; Establishing Threat Intelligence Sharing Capabilities; Reviewing Threat Intelligence Program

Module 04: Data Collection and Processing
Overview of Threat Intelligence Data Collection; Overview of Threat Intelligence Collection Management; Overview of Threat Intelligence Feeds and Sources; Understanding Threat Intelligence Data Collection and Acquisition; Data Collection through Web Services; Data Collection through Website Footprinting; Data Collection through Emails; Data Collection through Whois Lookup; Data Collection through DNS Interrogation; Automating OSINT effort using Tools/Frameworks/Scripts; Data Collection through Cyber Counterintelligence (CCI); Data Collection through Indicators of Compromise (IoCs); IoC Data Collection through Internal Sources; Tools for IoC Data Collection through Internal Sources; Data Collection through Building Custom IoCs; Tools for Building Custom IoCs; Data Collection through Malware Analysis; Understanding Bulk Data Collection; Understanding Data Processing and Exploitation

Module 05: Data Analysis
Overview of Data Analysis; Understanding Data Analysis Techniques; Analysis of Competing Hypotheses (ACH); ACH Tool; Structured Analysis of Competing Hypotheses (SACH); Other Data Analysis Methodologies; Overview of Threat Analysis; Understanding Threat Analysis Process; Threat Modeling Methodologies; Threat Modeling Tools; Enrich the Indicators with Context; Enhance Threat Analysis Process with the Diamond Model Framework; Validating and Prioritizing Threat Indicators; Overview of Fine-Tuning Threat Analysis; Understanding Threat Intelligence Evaluation; Creating Runbooks and Knowledge Base; Overview of Threat Intelligence Tools; Threat Intelligence Tools

Module 06: Intelligence Reporting and Dissemination
Overview of Threat Intelligence Reports; Introduction to Dissemination; Participating in Sharing Relationships; Overview of Sharing Threat Intelligence; Overview of Delivery Mechanisms; Understanding Threat Intelligence Sharing Platforms; Overview of Intelligence Sharing Acts and Regulations; Overview of Threat Intelligence Integration