Learning Tracks
Your roadmap to real skills.
Many tracks and dozens of sub-tracks. Every track starts with a free intro lesson.
Learning Tracks
Many tracks and dozens of sub-tracks. Every track starts with a free intro lesson.
What is Threat Intelligence?
Understand the threat landscape and what threat intelligence provides to defenders.
Threat Actors and Motivations
Categorize threat actors by motivation (financial, political, espionage) and learn how attribution works.
Indicators of Compromise
Understand IoCs (IPs, hashes, domains) and how they are shared via STIX/TAXII feeds.
Open Source Intelligence (OSINT)
Learn OSINT collection techniques used by both attackers for recon and defenders for anticipating threats.
Threat Hunting
Use hypothesis-driven hunting with SIEM log data to proactively find hidden threats.
Building a Threat Intelligence Program
Design intelligence collection plans and integrate threat intel into security operations.
Hands-on: MITRE ATT&CK Navigator
Map a real APT (APT29) to its ATT&CK techniques and identify defensive gaps in a Navigator layer.
OSINT Toolkit: Shodan, Censys, VirusTotal, URLscan
Investigate suspicious infrastructure, files, and domains using the canonical free OSINT tools.
Writing a Threat Intelligence Report
Author a 4-6 page threat profile on a documented threat group, using confidence-rated assessment language.
Threat Feeds and ISACs
Distinguish IoCs from IoAs, identify the major ISACs and feeds, and ingest a free feed into a SIEM.
Threat Intelligence Resources and Next Steps
Explore curated feeds, blogs, podcasts, certifications (GCTI), and practice platforms.
Threat Intelligence Job Readiness
Translate CTI skills into a resume, portfolio plan, and interview prep for analyst and threat-hunter roles.