Hello and thank you for your interest in the Online Edition of Paralus LLC's Operational Threat Intelligence course.

Due to the ongoing COVID-19 event, Paralus is unable to offer the Operational Threat Intelligence Course (https://paralus.co/training/) in-person as designed. Instead of a two day, 16 hour course (including breaks, lunch, etc.), the course material has been adjusted to a five day, two hours per day online training event. Participation in limited to (approximately) 20 students to ensure maximum interaction and facilitate discussion.

Scheduling:
14-18 September 2020, 1800-2000 US Eastern Time

Cost:
$500 USD

Course Description:
When used properly, cyber threat intelligence allows an organization to leverage another’s breach or incident to their own benefit. Yet while many cyber threat intelligence courses and guides exist, these are primarily designed for developing long-range, in-depth intelligence products for strategic or similar overview with an overemphasis on theory and little experience in practice. Operational threat intelligence instead supports a different audience: day to day security work and network defense. While cyber threat intelligence must always meet standards for accuracy, relevancy, and timeliness, SOC watch-standers and IR personnel need enriched information now in order to execute their jobs.

This course fills a critical role that other training does not address: how to successfully embed cyber threat intelligence operations into the daily rhythm of security to support everyday tasks, and extraordinary incidents. Toward that end, while this course will briefly touch on theoretical concepts such as analysis of competing hypotheses, kill chain methodology, and other ideas, the real focus will be on what efforts make operational threat intelligence possible and sustainable:

1. Establishing roles, responsibilities, and service agreements in advance.
2. Determining priorities, intelligence requirements, and customer threat landscape.
3. Molding threat intelligence information to security tools to make enriched information useful and actionable.
4. How to analyze internal and external data sources to extract actionable threat intelligence for operational defenders.
5. An extensive walk-through of IOC analysis, pivoting, and information enrichment to demonstrate how to better equip defenders to respond to emerging threats.
6. Discussions on reporting, feedback, and closing the intelligence loop to definitively show how threat intelligence operations link to SOC, IR, and security policy entities.

The course then emphasizes the nature of pivoting, data and observable enrichment, and quick analysis reporting to close out instruction.

Attendees will receive a certificate of completion following the course to record for training and CPE purposes.