Cyber Intelligence Training Amsterdam

Amsterdam – Cyber Intelligence Tradecraft – Certified Threat Intelligence Analyst 

Anonymity and Passive Persona setup
Collection Methods and Techniques
Collection Planning, IRs/PIRs/EEIs/Indicators/SIRs
Collection Process Flow
Collection (OSINT) Tools and Targeting
Threat Intelligence
Most likely Threat Actors
Access to ThreatStream during the class
Hunch.ly
Use of Maltego – overview
OPSEC – VPNs, Buscador, Authentic8 Silo
OSINT Browser – Oryon C Portable
Proxy Access – the DarkNet
Demonstration – Recorded Future / Intel471
Burn phone set up and use (US Only)
Open Source Intelligence OSINT
Production Methods
Structured Analytic Techniques – Their use
Adversary Denial and Deception
Source Credibility and Relevance
Source Validation
Denial and Deception
Confidence Levels
Types of evidence
Production Management
Critical and Creative Thinking
Cognitive Bias
Glossary and Taxonomy
What Intelligence Can and Cannot Do
Use of Mitre ATT&CK in Analysis
ATT&CK in examining patterns and trends
ATT&CK in Adversary tendencies
Estimation and Forecasting
Campaign analysis
Types and Methods of Analysis
Synthesis and Fusion
Analysis of Competing Hypothesis
Inductive/Abductive/Deductive Reasoning
Stakeholder Identification, and Analysis
Analytic Writing, BLUF, AIMS
Forecasting in your writing
STEMPLES Plus
Indicators of Change
Argument Mapping
Types of Reports
Product Line Mapping
Report Serialization, and Dissemination
Live Case Studies – Class briefs

  • Intro to Cyber Intelligence
    • What does intelligence mean to the SOC?
    • What does intelligence mean to Incident Response?
  • A day in the life of an intelligence analyst
  • Intelligence Lifecycle
    • Define what your group does
    • Define how your group uses intelligence
    • Define how your group produces intelligence
  • Mitre ATT&CK
    • Tactics
    • Techniques
    • Tools
    • ATT&CK Navigator
    • ATT&CK Examples
  • Chronology and Timelines
    • ATT&CK Chronology
    • Comparing past and present
    • Comparing and contrasting different threat groups
  • Estimative ATT&CK
  • Adversary Targeting – Threat Profiling – Threat Matrices
    • Primary Threats
      • Nation-state
      • Foreign intelligence services
      • Military cyber units
      • Threat groups and proxies
      • Cybercriminals
      • Others
    • Adversary skills
    • Adversary maliciousness
    • Interest in your organization
    • Motivation – objective – conditions
      • Opportunity
      • Triggers
      • Course(s) of action
      • Capabilities
    • Level of automation
    • Potential impact
  • Threat Hunting
    • Purpose and Scope
    • Hunt level maturity
    • Threat Hunting Lifecycle
      • Lifecycle and Maturity Level matrix
    • Patrolling
    • Stalking
    • Searching, clustering, grouping, stack counting
    • Process flow
      • Entry point
      • Plan the hunt
      • Execute the hunt
      • Malicious or not?
      • Document the performed steps
      • Document the findings
      • Prepare the report
      • Hunt Key Metrics
    • Establish priorities Iterative Approaches and Feedback Loop
    • RACIs – who does what
    • Tactical Intelligence Risk
    • Situational Awareness
      • Emerging threats
      • Coordination with other groups
      • Likely adversary courses of action
    • Intake Forms
      • Request for Information (RFI)
      • Responding to RFIs
    • Incident Intelligence
      • Interfacing with the Cyber Threat Intelligence (CTI) teams
      • What do we need from CTI?
      • What can CTI do and what can they not do
    • Indicators Cyber DECIDE, DETECT, DELIVER and ASSESS (D3A) framework
    • Specific information requirements Cyber FIND, FIX, FINISH, EXPLOIT, ANALYZE and DISSEMINATE (F3EAD) methodology
    • Crown jewel information
      • Checklist questions
      • Possible intelligence requirements (non-prioritized)

Event Properties

Event Date

10-18-2021 07:30

Event End Date

10-22-2021 17:00

Price $3,700.00

Amsterdam

Contact Treadstone 71 Today for all your Cyber Intelligence needs.

CONTACT US TODAY

: Quick Links

Home
Training
Blog
Terms / Privacy
GDPR Notice

Company
Whitepapers/Briefs
Videos
Contact
Site Map

https://www.treadstone71.com/index.php/cyber-intelligence-training/training-event-listings/cyber-intelligence-training/cyber-intelligence-tradecraft-certification/80-cyber-amsterdam

Categories: