Certified Cyber Threat Intelligence Analyst


Certified Cyber Threat Intelligence Analyst, Singapore e-learning online course

Course Description

The Cyber Security Threat Intelligence Researcher Certification will help you acquire the skills needed to find out who is behind an attack, what the specific threat group is, the nation from which the attack is being launched, as well as techniques being used to launch this attack.

You will learn how to take a small piece of malware, find out who is responsible for launching it and where the threat actor is located, and take down that threat actor with the support of your local law enforcement.

In today’s cyber security landscape, it isn't possible to prevent every attack. Today’s attackers have significant funding, are patient, sophisticated, and target vulnerabilities in people and processes as well as technologies. With organizations increasingly relying on digitized information and sharing vast amounts of data across the globe, they have become easier targets for many different forms of attack. As a result, every company’s day-to-day operations, data and intellectual property are seriously at risk. In a corporate context, a cyber attack can not only damage your brand and reputation, it can also result in loss of competitive advantage, create legal/regulatory noncompliance and cause steep financial damage.

Today’s secure environment will have vulnerabilities in it tomorrow, so an organization cannot allow itself to become complacent. There is only so much an organization can do by defending itself against threats that have already occurred. If an organization only reacts to new threats as they come up, it is likely acting too late. It is important to understand and prioritize cyber threat intelligence processes, and how they can be integrated into an organization’s security operations in a way that adds value.

Cyber threat intelligence (CTI) is an advanced process enabling organizations to gather valuable insights based on analysis of contextual and situational risks. These processes can be tailored to the organization’s specific threat landscape, industry and market. This intelligence can make a significant difference to organizations' abilities to anticipate breaches before they occur. Giving organizations the ability to respond quickly, decisively and effectively to confirmed breaches allows them to proactively maneuver defense mechanisms into place, prior to and during the attack.

In this course, we’ll introduce you to the 8 phases of threat intelligence:

Hunting - The goal of hunting is to establish techniques to collect samples from different sources that help to start profiling malicious threat actors.

Features Extraction - The goal of Features Extraction is to identify unique Static features in the binaries that help to classify them into a specific malicious group.

Behavior Extraction - The goal of Behavior Extraction is to identify unique Dynamic features in the binaries that help to classify them into a specific malicious group.

Clustering and Correlation - The goal of Clustering and Correlation is to classify malware based on Features and Behavior extracted and correlate the information to understand the attack flow.

Threat Actor Attribution - The goal of Threat Actor Attribution is to locate the threat actors behind the malicious clusters identified.

Tracking - The goal of tracking is to anticipate new attacks and identify new variants proactively.

Taking Down - The goal of Taking Down is to dismantle organized crime operations.


Course Objectives

1. Phases Overview
2. Hunting
3. Features Extraction
4. Behaviour Extraction
5. Clustering & Correlation
6. Attribution
7. Tracking
8. Taking Down



Content

Phases Overview

Threat Intelligence Researcher Course Intro

Phases Overview Part 1

Hunting Part 1

Hunting Part 2

Threat Actor Attribution Part 2

Tracking

Taking Down

Phases Overview Part 2

Phases Overview Part 3

Features Extraction Part 1

Features Extraction Part 2

Behavior Extraction Part 1

Behavior Extraction Part 2

Behavior Extraction Part 3

Clustering and Correlation

Threat Actor Attribution Part 1

Hunting

VirusTotal Part 1

VirusTotal Part 2

Hacking Forums Part 1

Hacking Forums Part 2

Hacking Forums Part 3

DeepWeb Part 1

DeepWeb Part 2

Honeypot and OSINT

Features Extraction

Features Extraction Goal Part 1

Features Extraction Goal Part 2

Import Table Hash (imphash) Part 1

Import Table Hash (imphash) Part 2

Fuzzy Hash (ssdeep)

Behavior Extraction

Dynamic Indicators Part 1

Dynamic Indicators Part 2

Dynamic Indicators Part 3

Dynamic Indicators Part 4

Process Infector and Keyloggers

Passive DNS (DNSDB) Part 1

Passive DNS (DNSDB) Part 2

Clustering & Correlation

How Clustering & Correlation Works Part 1

How Clustering & Correlation Works Part 2

How Clustering & Correlation Works Part 3

How Clustering & Correlation Works Part 4

GraphDB Part 1

GraphDB Part 2

Initial Compromise

Privilege Escalation

Persistence

Lateral Movement Part 1

Lateral Movement Part 2

Exfiltration Strategy

Profiling the Attacker

Attribution

Where are they Located? Part 1

Where are they Located? Part 2

Who are the Targets?

Initial Compromise

Tracking

Passive DNS & Internet Port Scan Part 1

Passive DNS & Internet Port Scan Part 2

Passive DNS & Internet Port Scan Part 3

Passive DNS & Internet Port Scan Part 4

Lookups, OSINT, and Hacking Forums Part 1

Lookups, OSINT, and Hacking Forums Part 2

Taking Down

Sinkhole Part 1

Sinkhole Part 2

How it works? Part 1

How it works? Part 2

Hacking Forums

Victims Notification

SGD $299.00
(Price excludes GST)