How to advance your experience in the field of threat intelligence? Join the 3 day Fox-IT course in Cape Town, South Africa. This training is tailored for TI analysts in the financial services industry. Learn from the experts from Fox-IT.
Day 1: Threat intelligence analyst training
- Introduction to CTI
– Lockheed Martin’s kill chain
– Diamond Model
- Methods and techniques for data analysis and data enrichment.
– VirusTotal/ Shodan/ Censys/ etc.
– OSINT and practice exercise
- Processing the extracted data and sharing intelligence with other intelligence consumers.
- Overview of commonly used platforms (MISP, EIQ) and standards (STIX, TAXII, Cybox etc) within threat intelligence management and how these are applied in practice.
Day 2: Threat intelligence analyst training
- Basic Reversing
– Assembly, Registers, Stack & Heap
- Writing basic IDS (Snort) & Yara rules
Day 3: Threat intelligence analyst training
- Static Analysis
- Dynamic Analysis
- Case Study: Lazarus / Snake
After this module you will be able to understand:
- What Threat Intelligence is
- How to describe threats and events using the killchain and the diamond model
- How to gather, analyze and enrich data regarding threats
- How to use a TIP to share information to other intelligence consumers
- How to analyze malware, using several methods
- How to write basic YARA rules
- How to write basic SNORT rules
1.925 EU excl. VAT