Certified Threat Intelligence Analyst – C)TIA

The Certified Threat Intelligence Analyst (C)TIA course equips cybersecurity professionals with the skills needed to collect, analyze, and interpret cyber threat intelligence to proactively defend against cyberattacks. This course delves into advanced threat detection, risk mitigation, and intelligence-driven security strategies, ensuring that learners are prepared to combat modern cyber threats.

Mile2’s CTIA course focuses heavily on hands-on labs, concentrating on discerning and interpreting threats and responding to them. The CTIA course focuses overall on current significant threats, threat actors, and identification procedures so that cyber-security professionals can implement the best policies and procures for their organizational security posture.

Once complete, the student will be competent toward improving a company’s existing security infrastructure. Policies and methodologies learned in the CTIA will allow the student to use threat intelligence concepts to decrease overall company risk. NICE FRAMEWORK WORK-ROLE ID: AN-TWA-001

Learning Outcomes

By the end of this course, participants will be able to:
✅ Understand cyber threat intelligence frameworks (MITRE ATT&CK, Kill Chain, Diamond Model)
✅ Identify and analyze malware, phishing campaigns, and APT attacks
✅ Develop intelligence reports and risk mitigation strategies
✅ Utilize OSINT tools, threat feeds, and SIEM systems for threat hunting
✅ Implement threat modeling, risk analysis, and security automation
✅ Enhance incident response through intelligence-led investigations
✅ Master cyber adversary profiling and predictive threat analysis

Detailed Outline:

Module 1:  Threat Intelligence Basics       

• Threat Intelligence Basics
• Threat Intelligence Use Cases
• Threat Intelligence Development (Requirements)
• Types of Threat Intelligence

Module 2:  Cyber Threats

• Cyber Threat Overview
• Cyber Threats Classification
• Prevention Against Cyber Threats
• Examples of Cyber Threats in History

Module 3:  Threat Actors

• Threat Actors Overview
• Threat Actors Classification
• Examples of threat Actors in History

Module 4: Cyber Threats & Malicious Actors Case Studies       

• Stuxnet
• EternalBlue
• WannaCry
• Wizard Spider Group
• Operation Aurora
• Zerologon

Module 5: Threats Identification

• Threat Hunting
  1. Introduction to IoC (Indicators of Compromise)
  2. Backdoors Hunting (Manual and Automated)
  3. Malware Hunting (Manual and Automated)
  4. APT Hunting (Manual and Automated)
• Threats Analysis Framework
  1. Kill Chain
  2. MITRE ATT&CK
  3. Diamond Model
  4. Determining Tactics, Techniques, and Procedures (TTP) of a Threat

Module 6: Implementing a Proactive Threat Intelligence Approach

• Scope, Goals, and Characteristics of a Proactive Threat Intelligence Approach
• Implementation and Practicability
  1. Threat Intelligence Feeds
  2. Threat Intelligence Communities
  3. Threat Intelligence Tools

Detailed Lab Outline:

Lab 1 – Practical Analysis of Well-Known Threats          

• Stuxnet Analysis
• EternalBlue Analysis
• WannaCry Analysis
• Zerologon Analysis

Lab 2 – Hunting for Active Threat Through Collected Logs       

• Hunting for Backdoors
• Hunting for Malware
• Automated Threat Hunting

Lab 3 – Defensive Threat Intelligence Development

• YARA Rules Usage, Development, and Improvement
• Snort Rules Usage, Development and Improvement
• SIEM rules in STIX and TAXII, Development and Usage
• Threat Simulation

Lab 4 – Threat Intelligence Data Integration with SIEM  

• Collection
• Ingestion
• Threat Simulation

Lab 5 – OSINT Methodology to Identify Latest Threats  

• Discovering Cyber Threats Through Social Media OSINT
• Discovering Cyber Threats Through Dark Web OSINT