Course Overview
This EC-Council accredited CTIA program equips security professionals with advanced skills to collect, analyze, and operationalize cyber threat intelligence. The course covers the complete threat intelligence lifecycle, from raw data collection to actionable intelligence production, enabling organizations to proactively defend against emerging threats. Through hands-on labs and real-world case studies, participants will master intelligence-driven security operations.
Course Objectives
Upon completion, participants will be able to:
✔ Implement a structured threat intelligence lifecycle
✔ Conduct advanced threat data collection and processing
✔ Analyze malware, campaigns, and adversary TTPs
✔ Produce actionable intelligence for different stakeholders
✔ Integrate threat intelligence into security operations
✔ Prepare for the CTIA certification exam
Who Should Attend
This course is designed for:
◼ Threat Intelligence Analysts
◼ SOC Analysts and Security Operators
◼ Incident Responders
◼ Cybersecurity Researchers
◼ Security Operations Center Personnel
◼ Risk Assessment Professionals
Course Content Breakdown
Day 1: Foundations of Threat Intelligence
- Threat intelligence concepts and lifecycle
• Intelligence requirements (Strategic, Operational, Tactical)
• Threat intelligence platforms and tools
• Workshop: Building collection plans
Day 2: Data Collection & Processing
- Open-source intelligence (OSINT) techniques
• Dark web and technical data collection
• Data normalization and enrichment
• Lab: Creating automated collection workflows
Day 3: Threat Analysis & Attribution
- Malware analysis for intelligence purposes
• Campaign analysis and clustering
• Adversary TTPs and MITRE ATT&CK framework
• Practical: Analyzing real threat actor reports
Day 4: Intelligence Production & Dissemination
- Intelligence product creation (Reports, Briefings, Feeds)
• Threat intelligence sharing standards (STIX/TAXII)
• Vulnerability intelligence and exploit forecasting
• Hands-on: Creating executive threat briefings
Day 5: Operational Integration & Capstone
- Integrating TI with SOC operations
• Threat hunting fundamentals
• Measuring intelligence program effectiveness
• Final exercise: Full intelligence cycle simulation