SANS FOR578 GCTI Cyber Threat Intelligence
FOR578: Cyber Threat Intelligence is a must-attend for all security practitioners seeking to refine their analytical prowess. This unique course diverges from traditional technical training by prioritizing structured analysis, which builds a robust foundation for any security skill set and enhances existing capabilities.
At its core, cyber threat intelligence systematically analyzes adversaries' intent, opportunity, and capability to inflict harm. Unlike mere data feeds or tool-generated outputs, intelligence offers actionable insights tailored to address an organization's critical knowledge gaps, pain points, or specific requirements. By collecting, classifying, and exploiting knowledge about adversaries, defenders gain a strategic advantage, enabling them to adapt and evolve in response to changing threats.
Cyber threat intelligence is a force multiplier for organizations seeking to bolster their response and detection capabilities against increasingly sophisticated threats. While malware remains a tool in adversaries' arsenals, the actual danger lies in human adversaries' adaptability and persistence. Cyber threat intelligence equips defenders with the knowledge and skills to effectively counter these agile adversaries.
Key Learning Objectives:
- Enhance analytical skills to effectively understand, synthesize, and leverage complex scenarios.
- Identify and formulate intelligence requirements, leveraging practices such as threat modeling.
- Gain proficiency in tactical, operational, and strategic-level threat intelligence analysis.
- Generate actionable threat intelligence to detect, respond to, and mitigate focused and targeted threats.
- Explore diverse sources for collecting adversary data and master techniques for exploiting and pivoting from this data.
- Validate externally sourced information to mitigate the risks associated with inaccurate intelligence.
- Develop Indicators of Compromise (IOCs) using formats like YARA and STIX/TAXII.
- Understand and exploit adversary tactics, techniques, and procedures, leveraging frameworks such as the Kill Chain, Diamond Model, and MITRE ATT&CK.
- Cultivate structured analytical techniques that are applicable across various security roles.
Course Components:
- FOR578 Cyber Threat Intelligence, GCTI Course
- Courseware
SANS FOR578 GCTI Cyber Threat Intelligence
Any pre-loaded packaged materials or subscription-based products, including device-based training programs, and courses that include a device, may not be refunded. Digital products including DVDs may be returned for replacement if found defective
Free Shipping on all orders within the US. International shipping is available.