Cyber Threat Intelligence

Upskilling Course, 40 Academic Hours

Deep Dive: Cyber Threat Intelligence and Threat Hunting Techniques

This unique and fascinating course was specifically designed for those technology and cybersecurity professionals who want to take the next step in expanding their knowledge of Cyber Threat Intelligence and Threat Hunting Techniques.

The purpose of this course is to familiarize students with the world of Cyber Threat Intelligence and Threat Hunting investigations, with an emphasis on OSINT tools in the finance industry, ethical hacking, malware analysis, and digital forensics processes.

By enrolling in this course, you will be immersing yourself in the dynamic field of Cyber Threat Intelligence, gaining critical skills in identifying, analyzing, and mitigating digital threats

Who Is This Course For?

Incident responders, analysts and team leaders
System administrators
Cyber security practitioners and security architects (TIER 1 and TIER 2 analysts)
SOC Managers
STEM students

Prerequisites

Advanced knowledge of Microsoft Operating Systems
Understanding of networks and protocols
Basic knowledge of monitoring and security devices
IT background

Learning Objectives

Detect, identify, and contain common cyber security incidents
Identify suspicious malware activity and malicious code on your endpoints
Analyze malware with several techniques (static and dynamic)
Collect intelligence from different sources and tools
Perform threat hunting and find abnormal behavior

What You'll Get...

Course presentation as a PDF file
Cheat sheets and useful documentation
“Swiss Army Knife” - 3Gb of IR tools
22 hours of practical learning experience through hands-on activities on local environments
A Wawiwa certificate upon successful completion of the course.

In addition, you may choose to augment your team’s course to include preparation for relevant cybersecurity industry certification tests, at an additional cost. The cybersecurity certifications that this course can be used to prepare for include: GIAC Open Source Intelligence (GOSI), GIAC Certified Enterprise Defender (GCED), and GIAC Cyber Threat Intelligence (GCTI).

Relevant Cybersecurity certifications

Note: An industry certification is neither offered nor guaranteed as part of the course.

Professional Supervisor and Instructors

Supervising all Wawiwa Cyber courses is Mr. Nadav Nachmias, Head of Cybersecurity Programs at Wawiwa.

The course instructors are cybersecurity professionals with hands-on experience as well as training skills. The technical level of the course can be adjusted according to the audience.

Nadav Nachmias

Head of Cybersecurity Programs

Nadav is a Cybersecurity Specialist with over 15 years of experience, focusing on Cybersecurity strategies, architecture, and workforce empowerment. His practical experience made it intuitive for him to develop diverse training programs and materials in several Cybersecurity fields (including Cybersecurity Management, Incident Handling and Response, and Cyber Forensics).

What Do Graduates Have to Say?

"I always found interest in cybersecurity. I had a passion for this huge field that keeps evolving. I looked for courses online, and found that most of them are very hands off, a video running on a website. Then I found Wawiwa’s Cybersecurity program. I registered and throughout the program, actually found myself looking forward to class. It’s a live session, with a lot of practical work, working on real-life cyber tools and experiencing what they can do. The instructors have real-life stories and examples from the field to get points across. It makes the program really exciting!”

Course Syllabus

Module 1: Event Handling Methodologies (IR) (3 Theoretical Hours, 2 Practical Hours)

Cybersecurity Technologies
Cyber Security Operation Center (SOC)
SOC Building Blocks
Common Cybersecurity Terminology
Internal/External Communication
Critical Assets
Risk Assessment
Events vs. Incidents
NIST Framework
IR Phases

Module 2: Introduction to the World of Attack (1 Theoretical Hour)

Introduction to Cyber Attacks
Threat Actors
Threat Vectors
Cyber Kill Chain Attacks
Common Terminology
Ethical Hacking Tools

Module 3: Malware Analysis (2 Theoretical Hours, 2 Practical Hours)

Malware Analysis Fundamentals
Types of Malware
Malware Functionality (Behavior, Persistency, Encoding, etc.)
Armored Malware (Packing, Entropy, Fileless, etc.
Investigation Techniques (Static and Dynamic)
Basic Static Analysis
Basic and Advanced Dynamic Analysis
Common Investigative Tools
Evasion Techniques
Anti-Reverse-Engineering
Anti-Disassembly
Anti-Debugging
Anti-Virtual Machine Techniques

Module 4: Digital Forensics (3 Theoretical Hours, 3 Practical Hours)

Overview of Data Analysis
Understanding Data Analysis Techniques
Overview of Threat Analysis
Understanding Threat Analysis Process
Overview of Fine-Tuning Threat Analysis
Understanding Threat Intelligence Evaluation
Creating Runbooks and Knowledge Bases
Overview of Threat Intelligence Tools

Module 5: Intelligence Gathering in the Cyber World (1 Theoretical Hour, 4 Practical Hours)

Introduction to Cyber Threat Intelligence (CTI)
Defining Threats
Tactics and Strategies
Online Tools (Search Engines, Social Networks, Pictures, etc.)
OSINT (Maltego, Foca, Shodan, etc.)
Overview of Data Analysis
Understanding Data Analysis Techniques
Overview of Threat Analysis
Understanding Threat Analysis Process
Overview of Fine-Tuning Threat Analysis
Understanding Threat Intelligence Evaluations
Creating Runbooks and Knowledge Bases

Module 6: Cyber Challenge (CTF Platform) (2 Theoretical Hours, 3 Practical Hours)

Tailormade CTF
CTF Solution

Module 7: Threat Hunting (2 Theoretical Hours, 4 Practical Hours)

Six-Step Incident Response Process
The Problem
“Whack a Mole”
Containment and Intelligence Development
Moonlight Maze APT
Hunting Versus Reactive Response
IR and Hunt Team Roles
Know Abnormal, Find Evil:
- What is Normal?
  - Unusual Windows Behavior
    - Memory Artifacts
    - OS Artifacts

Module 8: Use Our Tools Drill (2 Theoretical Hours, 2 Practical Hours)

Email Investigation
Website Investigation
Social Network Investigation
Online Account Investigation
Bitcoin Wallet Investigation

Module 9: “Darknet” Mode (2 Theoretical Hours)

Diving into The “Darknet”
Safe Browsing on the Darknet
Credit Card Stores Investigation
Closed Forums and Markets

Module 10: Course Final Drill (2 Practical Hours)

Final Exam: ‘Find the Secret’ Drill – Theoretical Exam and Hands-on Intelligence Investigation

Give your team the edge they need to succeed with our comprehensive courses, tailored to your specific needs.

Interested in more details?

We’d be happy to answer all your questions!

Partner with Wawiwa to offer tech training programs in less than 6 months!

Wawiwa bridges the tech skills gap by reskilling people for tech professions in high demand. There are millions of tech vacancies and not enough tech professionals with the relevant knowledge and skills to fill them. What the industry needs of employees is not taught in long academic degrees. Wawiwa helps partners around the world to reskill, and upskill people for tech jobs through local tech training centers or programs. The company utilizes a proven training methodology, cutting-edge content, digital platforms for learning and assessment, and strong industry relations, to deliver training programs that result in higher employability and graduate satisfaction. This, in turn, also creates a strong training brand and a sustainable business for Wawiwa’s partners.