The purpose of analysis is to produce intelligence that decreases uncertainty in decision making and therefore reduces risk. This course introduces the information analysis process and how an organization can use it to identify, define and mitigate cybersecurity threats. The intent is to provide participants with a general understanding of the tools and processes needed for an analysis team to create cybersecurity information and intelligence within their organization.
This course establishes a framework for an analytical process, including establishing information and intelligence requirements as well as collecting, processing, analyzing and exploiting relevant data to generate products that provide the organization with cybersecurity situational awareness. Shared analysis can provide actionable information, reduce uncertainty, and thereby reduce risk to enable decision makers.
Objectives
- Establish cyber threat intelligence collection methods
- Cyber threat intelligence analysis
- Understand cyber threat intelligence dissemination and disclosure, including Traffic Light Protocol
- Using Open Source Intelligence
Target Audience
Technical personnel and technical managers within the public and private sectors affiliated with an agency or organization as part of the nation’s critical infrastructure.
What have other participants found valuable about this course?
“I think the course as a whole was valuable as someone with little to no knowledge of the subject matter; this course provided overall information I can take back to my agency.”
“The online tools for evaluating domain security. I currently review governments cybersecurity program and being able to evaluate their domain in a nonintrusive manner will be helpful.”
“Just the course overall. I am in IT for a school district, but nothing cybersecurity related is in my job role. This course has helped me decide to travel down the road to advancing my career in the cybersecurity realm.”
“The labs, particularly introduction to using OSINT tools, NMAP, Splunk, and the demo writing a CTI report. I also appreciate that the [instructor-led, virtual] course was over 4 half days, instead of 2 full days. Taking a few hours each day and still being able to get some work done in the afternoon was very helpful.”
“The practical labs using Splunk. My organization doesn’t have a SIEM at this time. This allowed me to play around with one and see the value it has.”
“The labs helped reinforce the course material. I also appreciated the feedback and information provided by the fellow course takers. The diversity of experience and organizations is beneficial.”
Register Now
Registration is open for this course:
- Virtual – WebEx Webinar
- Feb 24, 25, 26, 27
- 8 a.m. – 12 p.m. Central
- Register here
- Honolulu, HI
- July 31 – August 1, 2025
- Part of a 2-week, 4-course run at Fort Ruger:
- Register here