Call Us (+65) 6227 2883
Call Us (+65) 6227 2883
This course is presented as Live Virtual Training. Click for more details.

Presented by ALC in association with

Certified Threat Intelligence Analyst (C|TIA) is a training and credentialing program designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive specialist level program that teaches a structured approach for building effective threat intelligence.

The program was based on a rigorous Job Task Analysis (JTA) of the job roles involved in the field of threat intelligence. This program differentiates threat intelligence professionals from other information security professionals. It is a highly interactive, comprehensive, standards-based, intensive 3-day training program that teaches information security professionals to build professional threat intelligence.


Course Presenter - Wayne Burke

Wayne Burke is internationally recognised for his commitment, achievements and contributions to the IT Security Industry. Wayne is currently the VP of Cyber2Labs, specialising in offensive and defensive technologies for autonomous Unmanned Aerial Systems (Drones), building and managing new high-tech security tools, custom hardware solutions for Penetration Testing, Mobile Security and Digital Forensics.

Wayne and his group have delivered Security assessments, Penetration Test assignments and customised training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air Force, Army, Navy, Marines, CIA, FBI, NSA and many more USA Gov bodies. In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark. In Asia: Singapore Gov, Philippines’ Presidential Office, the Undersecretary, and Cyber Crime Police Specialist Unit. Jakarta, Tax Investigations Office. Various Malaysian Gov agencies. His experience in the public / defense sector is equally complemented by assignments undertaken for heavyweight world renowned corporations.

Wayne holds a number of professional qualifications in IT Security (CEH, CND, ECSA, LPT, CHFI, CIW-SA, Security+) and Networking (MCT, MCSE, Cisco, Network+).

Learning outcomes

  • Key issues plaguing the information security world
  • Importance of threat intelligence in risk management, SIEM, and incident response
  • Various types of cyber threats, threat actors and their motives, goals, and objectives of cybersecurity attacks
  • Fundamentals of threat intelligence (including threat intelligence types, lifecycle, strategy, capabilities, maturity model, frameworks, etc.)
  • Cyber kill chain methodology, Advanced Persistent Threat (APT) lifecycle, Tactics, Techniques, and Procedures (TTPs), Indicators of Compromise (IoCs), and pyramid of pain
  • Creating effective threat intelligence reports
  • Various steps involved in planning a threat intelligence program (Requirements, Planning, Direction, and Review)
  • Different types of data feeds, sources, and data collection methods
  • Threat intelligence data collection and acquisition through Open Source Intelligence (OSINT), Human Intelligence (HUMINT), Cyber Counterintelligence (CCI), Indicators of Compromise (IoCs), and malware analysis
  • Bulk data collection and management (data processing, structuring, normalization, sampling, storing, and visualization
  • Different data analysis types and techniques including statistical Data Analysis, Analysis of Competing Hypotheses (ACH), Structured Analysis of Competing Hypotheses (SACH), etc.)
  • Complete threat analysis process which includes threat modeling, fine-tuning, evaluation, runbook, and knowledge base creation
  • Different data analysis, threat modeling, and threat intelligence tools
  • Threat intelligence dissemination and sharing protocol including dissemination preferences, intelligence collaboration, sharing rules and models, TI exchange types and architectures, participating in sharing relationships, standards, and formats for sharing threat intelligence
  • Creating effective threat intelligence reports
  • Different threat intelligence sharing platforms, acts, and regulations for sharing strategic, tactical, operational, and technical intelligence

Who should attend

  • Ethical Hackers
  • Security Practitioners, Engineers, Analysts, Specialist, Architects, Managers
  • Threat Intelligence Analysts, Associates, Researchers, Consultants
  • Threat Hunters
  • SOC Professionals
  • Digital Forensic and Malware Analysts
  • Incident Response Team Members
  • Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.
  • Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence.
  • Individuals

Course contents

  • Introduction to Threat Intelligence
  • Cyber Threats and Kill Chain Methodology
  • Requirements, Planning, Direction, and Review
  • Data Collection and Processing
  • Data Analysis
  • Intelligence Reporting and Dissemination

Course fees

The course fee per person is:

$2,400 + GST


All participants will be issued with an exam voucher for the exam to be taken online after the course:

  • 50 Multiple Choice Questions
  • 2 Hours Duration
  • Passing score of 70%
  • Exam Title: Certified Threat Intelligence Analyst


Top 10 Critical Components of C|TIA

1. 100% compliance to NICE 2.0 and CREST frameworks C|TIA maps 100 percent to the National Initiative for Cybersecurity Education (NICE) in the category “Analyze” and specialty area “Threat/Warning Analyst (TWA)”, as well as the “CREST Certified Threat Intelligence Manager (CC TIM).”

2. Focus on developing skills for performing various types of threat intelligence
It focuses on developing the skills to perform different types of threat intelligence including strategic, operational, tactical, and technical threat intelligence for a particular organization.

3. Emphasis on various data collection techniques from multiple sources and feeds
It emphasizes various data collection techniques from various sources and feeds. It allows students to employ different data collection strategies to collect relevant threat information.

4. Emphasis on collection, creation, and dissemination of Indicators of Compromise (IoCs) in various formats C|TIA discusses Indicators of Compromise (IoCs) indetail, including internal and external IoCs. It illustrates how to acquire these IoCs from various sources. IoCs are a good source of information about cyber threats and an organization can easily detect cyber- attacks and respond in time by monitoring IoCs. C|TIA elaborately explains how to create and disseminate these IoCs.

5. Focus on intense malware analysis to collect adversary data and pivot off of it
It explains in detail how to reverse engineer malware and pivot off of it in order to determine the origin, functionality, and potential impact of malware as well as determine the threat actor. This is a crucial skill required for threat intelligence analyst.

6. Focus on a structured approach for performing threat analysis and threat intelligence evaluation Analyzing the collected threat data and evaluating the required threat intelligence from the analysis process is one of the crucial steps for extracting threat intelligence. C|TIA discusses a structured approach that can be employed by an analyst for performing threat analysis and also threat modeling. This program also illustrates how to fine-tune the analysis process in order to filter out unnecessary information and extract effective intelligence. C|TIA also discuss different types of threat intelligence evaluation techniques for acquiring desired intelligence.

7. Focus on various techniques for threat intelligence reporting and dissemination C|TIA emphasizes the creation of efficient threat intelligence reports. It describes building blocks for threat intelligence sharing along with different sharing rules and models. It explains the best practices for sharing TI and also discuss different intelligence sharing acts and regulations.

8. Hands-on program More than 40 percent of class time is dedicated to the learning of practical skills, and this is achieved through EC-Council labs. Theory to practice ratio for C|TIA program is 60:40, providing students with a hands-on experience of the latest threat intelligence tools, techniques, methodologies, frameworks, scripts, etc. C|TIA comes integrated with labs to emphasize the learning objectives.

9. Lab environment simulates a real-time environment The C|TIA lab environment consists of the latest operating systems including Windows 10 and Kali Linux for planning, collecting, analyzing, evaluating, and disseminating threat intelligence.

10. Covers latest threat intelligence tools, platforms, and frameworks The C|TIA course includes a library of tools, platforms, and frameworks across different operation platforms that are required by security professionals to extract effective organizational threat intelligence. This provides a wider option to students than any other program on the market.