EC-Council Threat Intelligence Essentials (TIE)
Module 01: Introduction to Threat Intelligence
– Understanding Threat Intelligence and Essential Terminology
– Distinguishing Between Intelligence, Information, and Data
– Significance of Threat Intelligence
– Integration of Threat Intelligence in Cyber Operations
– Lifecycle and Maturity Models of Threat Intelligence
– Roles, Responsibilities, and Use Cases of Threat Intelligence
– Utilizing Standards or Frameworks for Measuring Effectiveness
– Hands-on Experience: Establishing Splunk Attack Range
Module 02: Types of Threat Intelligence
– Exploring Different Types of Threat Intelligence
– Use Cases for Various Types of Threat Intelligence
– Overview of the Threat Intelligence Generation Process
– Incorporating Threat Intelligence for Regulatory Compliance
– Enhancing Vulnerability Management with Threat Intelligence
– Geopolitical or Industry-Related Threat Intelligence
– Integration of Threat Intelligence with Risk Management
Module 03: Cyber Threat Landscape
– Overview of Cyber Threats, Trends, and Challenges
– Emerging Threats, Threat Actors, and Attack Vectors
– In-depth Analysis of Advanced Persistent Threats
– Understanding the Cyber Kill Chain Methodology
– Vulnerabilities, Threat Actors, and Indicators of Compromise (IoC)
– Geopolitical and Economic Impacts of Cyber Threats
– Impact of Emerging Technology on the Threat Landscape
Module 04: Data Collection and Sources of Threat Intelligence
– Utilizing Threat Intelligence Feeds, Sources, and Evaluation Criteria
– Overview of Data Collection Methods and Techniques
– Comparison of Popular Data Collection Methods
– Considerations for Bulk Data Collection Methods
– Normalizing, Enriching, and Extracting Useful Intelligence from Threat Data
– Legal and Ethical Considerations for Threat Data Collection
– Threat Data Feed Subscription and OSINT Labs
Module 05: Threat Intelligence Platforms
– Introduction to Threat Intelligence Platforms (TIPs), Roles, and Features
– Aggregation, Analysis, and Dissemination within TIPs
– Automation and Orchestration of Threat Intelligence in TIPs
– Evaluation and Integration of TIPs into Existing Cybersecurity Infrastructure
– Collaboration, Sharing, and Threat Hunting Features of TIPs
– Customization of TIPs for Organizational Needs
– Visualization, Reporting, and Decision Making using TIPs
– AlienVault OTX and MISP TIP Platform Labs
Module 06: Threat Intelligence Analysis
– Introduction to Data Analysis and Techniques
– Application of Statistical Data Analysis, Including Analysis of Competing Hypotheses
– Identification and Analysis of Threat Actor Artifacts
– Threat Prioritization, Threat Actor Profiling, and Attribution Concepts
– Leveraging Predictive and Proactive Threat Intelligence
– Reporting, Communicating, and Visualizing Intelligence Findings
– Threat Actor Profile Labs and MISP Report Generation Labs
Module 07: Threat Hunting and Detection
– Operational Overview of Threat Hunting and Its Importance
– Understanding the Threat Hunting Process
– Methodologies and Frameworks for Threat Hunting
– Proactive Threat Hunting Exploration
– Using Threat Hunting for Detection and Response
– Tool Selection and Techniques for Threat Hunting
– Forming Threat Hunting Hypotheses and Conducting Hunts
– Threat Hunting Lab in Splunk Attack Range
Module 08: Threat Intelligence Sharing and Collaboration
– Importance of Information Sharing Initiatives in Threat Intelligence
– Overview of Additional Threat Intelligence Sharing Platforms
– Building Trust Within Intelligence Communities
– Sharing Information Across Industries and Sectors
– Building Private and Public Threat Intelligence Sharing Channels
– Challenges and Best Practices for Threat Intelligence Sharing
– Legal and Privacy Implications of Sharing Threat Intelligence
– Sharing Threat Intelligence Using MISP and Installing Anomali STAXX
Module 09: Threat Intelligence in Incident Response
– Integration of Threat Intelligence into Incident Response Processes
– Role of Threat Intelligence in Incident Prevention Using Workflows and Playbooks
– Using Threat Intelligence for Incident Triage and Forensic Analysis
– Adapting Incident Response Plans Using New Intelligence
– Coordinating Response With External Partners
– Threat Intelligent Incident Handling and Recovery Approaches
– Post-Incident Analysis and Lessons Learned Considerations
– Measurement and Continuous Improvement for Intelligence-Driven Incident Response
Module 10: Future Trends and Continuous Learning
– Emerging Threat Intelligence Approaches and Optimization
– Convergence of Threat Intelligence and Risk Management
– Continuous Learning Approaches for Threat Intelligence
– Adapting Professional Skillsets for the Future in Threat Intelligence
– Anticipating Future Challenges and Opportunities in Threat Intelligence
– Engaging in the Threat Intelligence Community and Keeping Abreast of the Threat Landscape
– The Role of Threat Intelligence in National Security and Defense
– Potential Influence of Threat Intelligence on Future Cybersecurity Regulations