Edu type:
Course or training
Associate degree (EQF 5), Bachelor (EQF 6), Master (EQF 7), MBO-4/HAVO/VWO (EQF 4)
Start date:
Study Load:
12 hrs
2 days
More information


Learn how to collect information on cyber threats and enrich cybersecurity processes with TI data to ensure more effective incident response


About this event

Please register with your corporate email!


Modern cybersecurity would not be where it is today without threat intelligence (TI). TI lies at the heart of any effective IS solution, enriching it with data and information from previously hidden areas of the Internet. By monitoring dark corners such as hacker forums and the dark web, TI analysts are able to see the bigger picture and attribute criminal behavior more accurately.


Group-IB’s Threat Intelligence Analyst course teaches how to collect actionable intel from all types of sources, both public and closed, and how to interpret that data and spot signs that an attack is being prepared. As with all Group-IB courses, lessons include practical exercises based on real cases handled by the company’s TI team. This approach was chosen to ensure that participants can immediately apply what they learn in their day-to-day activities.


Key topics covered:

  • Overview of the threat Intelligence field
  • TI cycle and the three data levels
  • TI use cases for security operations
  • Threat modeling: PASTA, DEAD, VERIS, etc.
  • Attack modeling: cyber kill chain, MITRE ATT&CK models and ATT&CK Navigator
  • Processing of IoCs
  • CTI tools, standards and TIPs
  • Data sources and collection techniques
  • Group-IB TI practice


Skills acquired:

  • Understanding threat intelligence 
  • Collecting relevant data
  • Improved detection and threat modeling using TI


Target participants:

  • Technical specialists with experience in IS
  • Information security specialists
  • SOC/CERT employees 



  • A basic understanding of threat intelligence
  • Some experience in the field of cybersecurity and CTI 


Why Group-IB?

Experience in international investigations

Our training courses are based on 1,200+ successful investigations worldwide.


Technical expertise

All courses are led by GCFA-, EnCE- and MCFE-certified experts.


Practicing experts

The course instructors are current Group-IB specialists, which translates to the most up-to-date and first-hand information for course participants.


Continuously updated program
Course materials are regularly updated with new cases from Group-IB’s experience, which ensures that the course program always reflects the latest trends. 

If you have any questions, please contact us: