CSEC412
Applied Threat Intelligence
Faculty Profiles
Vicente Díaz
Threat Intelligence Strategist at VirusTotal
Marc Rivero Lopez
Senior Security Researcher GReAT at Kaspersky
Course length
Duration
Total hours
Credits
Language
Course type
Fee for single course
Fee for degree students
Skills you’ll learn
Overview
Threat Intelligence is a discipline used by all major companies and governments to understand and investigate new threats, and ideally do something about them. It is both a science and to some degree, inspiration. During the last years, the security community has developed new tools and techniques that can dramatically improve the actionability of Threat Intelligence. In this (very practical) course we will provide an overview of this discipline, what are the associated tools and we will explore how to use Threat Intelligence for different goals, including Incident Response, Threat analysis, and monitoring, Threat Hunting, and attribution.
Learning highlights
- Understand what is the Threat Intelligence cycle.
- Realistic outcomes and applicability of Threat Intelligence.
- Monitoring threats, hunting for new ones and getting contextual information.
- Distilling intelligence from data.
- Effective reporting.
Course outline
15 classes
Session 1
Threat Intel lifecycle
Session 2
Threat Intel platforms
Session 3
YARA
Session 4
TTPs and Hunting
Session 5
Hunting (cont) and reporting
Session 6
Analysis lab
Session 7
Analysis lab (cont)
Session 8
Memory analysis
Session 9
Class exercise - from research to report
Session 10
Final Exercise
Session 11
Final Exercise
Session 12
Final Exercise
Session 13
Final Exercise
Session 14
Final Exercise
Session 15
Final Exercise
Prerequisites
Basic TCP/IP knowledge
Usage of Virtual machine software such as Virtualbox or VMWare
Basic scripting programming languages such as bash, python, etc.
Methodology
The course will include a series of practical lectures on different topics. During the lectures, we will do exercises and discuss the results. At the end of the course, there will be group work based on all the learned techniques, which will be later presented and discussed.
Grading
Vicente is a specialist in Threat Intelligence and Threat Hunting. He works in the VirusTotal team in Google as Threat Intelligence Strategist.
He holds a degree in Computer Science and an MsC in Artificial Intelligence. He was e-crime manager in S21sec for 5 years and deputy director for EU in Kaspersky's Global Research and Analysis team for almost 10 years, where he was co-creator and responsible for the APT Intelligence Reporting service.
See full profileMarc joined Kaspersky in 2020 as a Senior Security Researcher working from Spain. His specialties are Threat Intelligence, Reverse Engineering, Digital Forensics.
Marc is a regular speaker in national and international conferences and usually trains other professionals in the field. He has a degree in Intelligence and developed his activity working on financial institutions, involving CERT/CSIRT teams; he usually held the Head of Research position at several companies on his professional activity. Marc also participates in several lead European projects related to fraud, cybercrime, and targeted attacks. As part of his professional activity, he is also the Master in Computer Security coordinator at «La Salle Barcelona.»
See full profileApply for this course
Applied Threat Intelligence
by Vicente Díaz, Marc Rivero Lopez
Total hours
45 Hours
Dates
Jun 13 - Jul 01, 2022
Fee for single course
€1500
Fee for degree students
€750
How to secure your spot
Complete the form below to kickstart your application
Schedule your Harbour.Space interview
If successful, get ready to join us on campus
FAQ
Will I receive a certificate after completion?
Yes. Upon completion of the course, you will receive a certificate signed by the director of the program your course belonged to.
Do I need a visa?
This depends on your case. Please check with the Spanish or Thai consulate in your country of residence about visa requirements. We will do our part to provide you with the necessary documents, such as the Certificate of Enrollment.
Can I get a discount?
Yes. The easiest way to enroll in a course at a discounted price is to register for multiple courses. Registering for multiple courses will reduce the cost per individual course. Please ask the Admissions Office for more information about the other kinds of discounts we offer and what you can do to receive one.