- Cybersecurity
- English
- Jennita Rao Appanah Appayya
- Kaleem Ahmed USMANI
- Manish Lobin
Introductory
Description
Cyber threat intelligence is an area of cybersecurity that focuses on the collection and analysis of information about current and potential attacks that can threaten the safety of an organisation or its assets. It aims to give organisations an in-depth understanding of the threats that pose the greatest risk to their infrastructure so that they can devise a plan to protect their business. This course is designed to introduce participants to the concept of cyber threat intelligence in depth and to give them the practical experience needed to gain the cyber threat intelligence skills that make security teams better, threat hunting more accurate, incident response more effective, and organisations more aware of the evolving cyber threat landscape.
This training is aimed at incident handlers, network engineers, SOC analysts, CERT analysts, security analysts, and network administrators or any cybersecurity professional.
Participants should have basic knowledge of cybersecurity and cyber threat intelligence.
Upon completion of this course, participants will be able to:
- Define the concept of Cyber Threat Intelligence, its objectives and related specific terms
- Use optimal actions to address tactical, operational, and strategic-level threat intelligence
- Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
- List the different sources for collecting adversary data and how to exploit them
- Validate information received externally to minimize the costs of bad intelligence
- Analyse and leverage complex scenarios related to cyber threats
- Identify and create intelligence requirements through practices such as threat modeling
The training will be carried out online through the ITU Academy Platform. An instructor will conduct it in Zoom sessions, which will include presentations and explanations of the exercises.
An exam consisting of 25 – 30 multiple choice questions will be conducted on the last day.
A total score higher than 70% is required to obtain the ITU certificate.
Day 1
(25.06.2024)
11:00 – 14:00 (CEST)
Introducing Cyber Threat Intelligence
- Overview of Cyber Threat Intelligence (CTI)
- CTI Specific Terminology
- Threat actors
- Intelligence Requirements
- Tactics, Techniques and Procedures
- Intrusion
- Traffic Light Protocol
- Indicator of Compromise
Cyber Threat Intelligence Objectives
- CTI Objectives – Strategic, Operational, Tactical
- Practical examples in context of CTI objectives
- CTI Challenges
Key learning points
- Define Cyber Threat Intelligence, its objectives and related specific terms
Training activities details
- Lecture slides
Day 2
(26.06.2024)
11:00 – 14:00 (CEST)
Cyber Threat Intelligence Lifecycle and Frameworks
- CTI Lifecycle
- Cyber Kill Chain
- Diamond Model
- MITRE ATT&CK Matrix
- Pyramid of Pain
- CTI Tools
Key learning points
- Use CTI specific models
Training activities details
- Lecture slides
- Group work
- Labs
Day 3
(27.06.2024)
11:00 – 14:00 (CEST)
CTI Reports
- Examples of CTI reports
- How to create CTI reports
Case Scenarios
- Hands-on examples
Key learning points
- Create your own CTI reports
- Explore and use existing CTI platforms
Training activities details
- Lecture slides
- Group work
- Labs
Day 4
(28.06.2024)
11:00am – 12:00pm (CEST)
Exam
The exam will be of 1 hour duration and will start at 10:30 am CEST.