Training
This section aims to identify relevant training. It is not meant to be an exhaustive list of all training available, nor have we had the time to exhautively asess each course, but this should be a good starting point for folks looking for training in Cyber Threat Intelligence. If you are aware of other helpful resources, please do submit them to cti-sig@first.org so that we might share these with our members.
Existing Certifications
| Organization |
Title |
Syllabus |
Notes |
| SANS |
FOR578 - Cyber Threat Intelligence |
https://uk.sans.org/course/cyber-threat-intelligence |
This has been running in a couple of different forms over the last two years. Current version of the course is centred around SANS Digital Forensics and Incident Response training. Robert M Lee from Dragos is the current maintainer. The course content has been reviewed at the SANS DFIR CTI Summit (next one in Jan) |
| CREST |
CREST Certified Threat Intelligence Manager (CCTIM) |
https://crest-approved.org/examination/crest-certified-threat-intelligence-manager/index.html |
Although CREST are not a training provider themselves, they do partner with others who provide training. They provide an official qualification for CCTIM designed to accredit managers and directors who participate in threat intelligence used in the UK threat led penetration testing standards (CBEST and STAR). The corresponding European program (TIBER-NL and TIBER-EU has adopted a non-certified approach, however holders of these qualifications may provide supporting evidence to financial institutions considering the test. |
| CREST |
CREST Registered Threat Intelligence Analyst |
https://crest-approved.org/examination/crest-registered-threat-intelligence-analyst/index.html |
This CREST qualification was created to support threat intelligence analysts who support work on the UK CBEST and STAR adversary emulation for security testing work. This is a requirement for those tests. |
| EC Council |
Certified Threat Intelligence Analyst |
https://www.eccouncil.org/programs/certified-threat-intelligence-analyst-ctia/ |
This paid for course appears to cover a comprehensive sylabus that includes threat modelling and risk analysis techniques. If anyone knows about approximate costs it would be interesting to learn more. |
Tailored certifications and courses
| Organization |
Title |
Syllabus |
Notes |
| Treadstone 71 |
Cyber Intelligence Training |
https://www.treadstone71.com/cyber-intelligence-training |
Treadstone 71 offer a comprehensive range of courses covering a broad set of disciplines within the Cyber Intelligence topic space. Some of which are available upon demand. These courses cover topics including Analysis and Forecasting, Cyber CounterIntelligence, Intelligence for the C-Suite, Analytic Reporting, Cyber Intelligence and General Tradecraft, OSINT, Collection Management, Structured Analytical Techniques, Critical Thinking, Targeted Adversary OSINT and tailored courses. |
| Arno Reuser |
OSINT Pathfinder Programme |
http://arnoreuser.com/ |
Arno Reuser has produced and managed courses on Open Source Intelligence for a number of years. |
| Michael Bazzell |
IntelTechniques |
https://inteltechniques.com/training/ |
Michael is the author of the "Open Source Intelligence Techniques" book and offers a range of online and in person courses. |
| Globalytica |
Intelligence Analysis Professional |
Publications: https://shop.globalytica.com/collections/publications
Certifications: https://shop.globalytica.com/collections/ |
The course provides a run through of Structure Analysis Techniques (STA). The course is hosted by Randy Pherson, the author of “structured analytical techniques for intelligence analysts” and many other resources of analysis training. |
Online courses
Books
See the resources section for a list of books (here: Books).
Videos
