Threat intelligence is an emerging concept, recently needed in all industries, to protect companies from attacks. Gathering this intelligence should be done by a separate, qualified team, however, this is still not quite the case for many companies.
Empower your analysis skills
Intelligence gathering is a process that requires timeliness, relevancy, and accuracy; therefore having professionals do the job, is crucial for enterprises. For that, we have covered the top 10 certifications to empower analysis skills to briefly describe the certification a threat intelligence analyst should target first. However, skill shortage is still a great concern for the cybersecurity community – with emerging threats growing each day, there are new tools needed to detect them, and a small staff that is required to know how to use most of those tools.
Be curious: Learn for free
If enterprises try to educate the staff in order to catch the rate of relevant tools for intelligence gathering, they will end up with high training and certificates bills. However, the curious nature of threat intelligence analysts is just enough. With plenty of free courses out there, a well-educated staff will always try to keep up with the new stuff.
A free course may not be perfect to enter a certificate exam, however, a good and clean start, mixed with great curiosity to practice and prove your skills, will always show results. It all depends on the person.
There are plenty of free courses, however, time is a valuable essence – and you do not want to spend hours listening to outdated information. Cyber threat intelligence gathering is a process constantly requiring new skills, and for this reason, a course teaching you the process needs to be filled with the latest information – or it might be evaluated as useless.
To help you with a good start in this career path, we are listing here a few free courses you can check, and start your threat intelligence adventure.
It is always better to start with introductory courses and actually listen to a few of them, not just one. This will help you get the main idea of what you are about to deal with. You will see that all introductory courses have, pretty much, the same overview, and listening to similar content from different instructors, helps you get the core of the topic.
Here are three different introductory courses which are given by different online course providers:
1. Introduction to Threat Intelligence by Pluralsight
In this course, you will find the basics of threat intelligence that any introductory TI course should include. There is also a part specifically for the CTIA Certification, which should be every beginner threat intelligence analyst’s target. By the end of the course, you’ll be able to learn something about the famous must-know frameworks (Cyber Kill Chain, Diamond Model, MITRE ATT&CK, NICE, and CREST)
The course is divided into these parts:
- Defining threat intelligence analysis
- Understanding intelligence
- Understanding cyber threat intelligence
- Evaluating threat intelligence lifecycle and frameworks
Course duration: 1h 9m
2. Intro to Cyber Threat Intelligence by Cybrary
This is another introductory course for CTI that covers the history, main concepts, and definitions of CTI. Different from the previously mentioned course, this one gives an explanation of what are the roles of CTI in different cybersecurity-related sections of a company.
The course is divided into these parts:
- Introduction to cyber threat intelligence
- History and main concepts and definitions of cyber threat intelligence
- Intelligence-driven security
- Cyber threat intelligence role in SOC, IR and risk analysis
- Cyber threat intelligence for fraud prevention
- Cyber threat intelligence frameworks
- Developing the core of cyber threat intelligence
Course duration: 4h 30m
3. IBM Cyber Threat Intelligence by Coursera
Another beginner level, yet quite a longer CTI course provided by Coursera and offered by IBM. It has a 4 weeks program, covering:
- General concepts of threat intelligence
- Data loss prevention and mobile endpoint protection
- Scanning technologies
- Application security and testing
- SIEM platforms
Course duration: Approx. 29h
OSINT is an essential methodology used by threat intelligence analysts to gather the right data. It is an emerging trend, with ever-changing tools, however, the fundamentals are the same – OSINT tools help you gather publicly available data on the internet. Knowing which tool to use, for which action, to create intelligence, is very important. Therefore a good OSINT knowledge is very useful when beginning with threat intelligence gathering. But keeping up with these tools is even more difficult. Although the perfect solution would be to attend professional training from, let say, SANS Institute, leveraging free courses can help as well.
4. OSINT – Tools & Techniques – Free Demo by Udemy
OSINT beginner courses can be for everyone who is curious and wants to look for data in the right place – Just like this one. It covers:
- Fundamentals of OSINT
- The required hardware/software to start your experience
- Add-on instructions
- Advanced searching
- Social media
- Photos and maps
Course duration: 58m
5. OSINT Fundamentals by Cybrary
Similar to the previously mentioned course, this one explains the essentials of OSINT, what it is, who is it for, and how to use a few tools.
This course covers:
- Theory: What is OSINT
- OSINT playground
- Tools and techniques
- Sock puppets
- OSINT defense
Course duration: 2h 26m
Other helpful courses
Those planning to attend this course need to be familiar with current breaches and exploits. This course intends to describe in detail concepts like threat hunting, feature extraction, behavior extraction, clustering and correlation, threat actor attribution, tracking, and takedown.
Course duration: 1h 42m
7. Cybersecurity and the X-Factor by Coursera
This course is mainly about human behavior in and out of the company which is known as the X-factor. There is also a module of the course talking specifically about threat intelligence.
Course duration: Approx. 12h
8. Intro to Threat Hunting by Cybrary
Threat hunting is a very interesting and exciting activity for most cybersecurity enthusiasts. Threat intelligence gathering is a very important part of it, and more specifically, knowing how to operate safely. This is a coming soon course provided by Cybrary.