Threat Intelligence Learning Path

The Threat Intelligence learning path allows you to master the concept of threat intelligence, from intelligence analysis to building a threat intelligence program.

11 hours, 48 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    11 hours, 48 minutes

  • Assessment


About Threat Intelligence

This learning path provides an introduction to threat intelligence with theoretical, practical and hands-on fundamentals giving students a path towards professional intelligence analysis. As you progress through the courses you will learn tools and techniques used to turn information into intelligence, apply threat intelligence methodologies and learn about threat actors.



Threat Intelligence skill assessment

Assessment - 36 questions

What is threat intelligence?

Course - 00:49:00

Let’s take a closer look at what threat intelligence is. What are the types of intelligence? How would different organizations use threat intelligence? What is the value of threat intelligence, and what is the return on investment (ROI) of threat intelligence?
Threat intelligence sources & language

Course - 02:47:00

In this course, we will look into what kind of intelligence you will find out in the wild, from open-source intelligence to closed-source and human intelligence. We will also explore how to categorize this intelligence by looking at the NATO admiralty codes. Finally, we will look at the threat intelligence language.
Threat intelligence analysis & tools

Course - 01:37:00

This course will outline how to analyze information you already have by presenting some structured analysis techniques to improve your analysis tradecraft. We will also cover Google search terms, some useful open-source tools and information social media can give you.
Threat actors and tracking actors

Course - 01:09:00

We will look at the threat actors in this course: The financially motivated criminal actors with connections to the organized crime syndicates, or the nation-state attackers with the end goal of gaining as much information as possible or wreaking havoc in critical national infrastructure — this course is all about them and more.
Getting everything together

Course - 00:46:00

In addition to tips and tricks in working at different industries and organizations, we will discuss how to work in Security Operations Centers (SOCs), how to help fusion centers and, most importantly, creating finished intelligence products. We will also go over a couple of finished intelligence products I recommend to create depending on your role.
Running your own threat intelligence program

Course - 04:25:00

We will go over working in and running a threat intel program by taking the threat intelligence life cycle as a basis. We will also look at how your organization’s maturity defines your likely threat intel goals and work. Finally, we will go over vendor and vulnerability management and how to work at and manage threat intelligence analysis work.

Meet the author

Petre Venesz

Peter is an experienced Strategic Cyber Threat Intelligence Leader and Information Security Officer with a demonstrated history of working in the government, financial services and manufacturing industry. He is familiar with risk profiles specific to banking and fintech organizations, including emerging threats, classes of attack, and ongoing campaigns. He is proficient with security operations and intelligence tooling, such as next-generation SIEMs, threat intelligence platforms, link analysis tools, and OSINT research platforms. Peter is experienced in leveraging threat intelligence principles in strategic and tactical applications to deliver actionable high-level insights, support real-time intrusion events, and advise vulnerability management operations. He has expertise in tools, techniques, and procedures consistent with both routine cybercriminals and advanced adversary attacks using the cyber kill chain. Has knowledge of all security fundamentals, how they apply in real world situations, and how to gauge control effectiveness.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo