CYBR 645 Cyber Threat Hunting and Intelligence
In an era of sophisticated cyber threats, organizations rely on proactive threat intelligence and hunting strategies to defend against advanced network intrusions and data breaches. This course equips students with the knowledge and practical skills to collect, analyze, and apply Cyber Threat Intelligence (CTI) at tactical, operational, and strategic levels to enhance cyber threat-hunting operations and defensive cybersecurity mechanisms. Students will evaluate cyber threat intelligence frameworks, including MITRE ATT&CK, to identify adversary tactics, techniques, and procedures (TTPs) and detect advanced cyber threats. The course covers correlating Indicators of Compromise (IoCs) from multiple intelligence sources, including Open-Source Intelligence (OSINT), to strengthen proactive threat detection and response. Emphasis is placed on implementing intelligence-sharing frameworks and protocols to facilitate active cyber defense through threat-hunting and coordinated threat mitigation. Additionally, students will explore ethical considerations in cyber intelligence, ensuring compliance with legal, policy, and organizational standards when collecting, analyzing, and disseminating intelligence. By the end of this course, students will have the expertise to leverage cyber threat intelligence for proactive security measures, enhancing organizational resilience against evolving cyber threats.
First day attendance is mandatory.
Prerequisites: Graduate standing. Note: Students are responsible for being aware of and abiding by the prerequisites for the CYBR courses in which they enroll, and will be administratively dropped from a course if they have not met the prerequisites.
2 Graduate credits
Effective May 6, 2020 to present
Learning outcomes
General
- Describe Cyber Threat Intelligence, its key characteristics, value, and benefits.
- Apply Cyber Threat Intelligence at the tactical, operational, and strategic levels in order to identify sophisticated attacks and improve existing defense mechanisms.
- Examine various models to create consistent and repeatable Cyber Threat Intelligence output.
- Characterize intruders by understanding the tactics, techniques, and procedures involved in an attack, using the MITRE ATT&CK framework.
- Interpret various indicators of compromise that are used in performing intrusion analysis.
- Demonstrate an understanding of the various protocols and frameworks involved in sharing cyber threat intelligence.
- Collect and apply cyber threat intelligence from various sources, with an emphasis on open-source intelligence.
- Explain how to consume and create Cyber Threat Intelligence (CTI) within an Active Cyber Defense program.
- Demonstrate ethical behavior appropriate to consuming and disseminating threat intelligence to stakeholders.
Summer 2025
Section | Title | Instructor | Books | eServices |
---|---|---|---|---|
50 | Cyber Threat Hunting and Intelligence | Peeler, Vincent | Books for CYBR-645-50 Summer 2025 | Course details for CYBR-645-50 Summer 2025 |