The course will provide students with knowledge and practical skills in the field of cyber threat hunting and intelligence that can be leveraged to defend against sophisticated network intrusions and loss of proprietary information. The course will discuss the various phases of the intelligence lifecycle, including developing intelligence requirements; collecting, analyzing, and disseminating information; and using cyber threat intelligence to improve security at the tactical, operational, and strategic levels.
- Describe Cyber Threat Intelligence, its key characteristics, value, and benefits.
- Apply Cyber Threat Intelligence at the tactical, operational, and strategic levels in order to identify sophisticated attacks and improve existing defense mechanisms.
- Examine various models to create consistent and repeatable Cyber Threat Intelligence output.
- Characterize intruders by understanding the tactics, techniques, and procedures that are involved in an attack using the MITRE ATT&CK framework.
- Interpret various indicators of compromise that are used in performing intrusion analysis.
- Demonstrate an understanding of the various protocols and frameworks involved in sharing cyber threat intelligence.
- Collect and apply cyber threat intelligence from various sources, with an emphasis on open source intelligence.
- Explain how to consume and create Cyber Threat Intelligence (CTI) within an Active Cyber Defense program.
- Demonstrate ethical behavior appropriate to consuming and disseminating threat intelligence to stakeholders.