← Back to all courses

Threat Intelligence Analyst Course

Learn how to collect and operationalize intel across the full security lifecycle, from detection and response to architecture, red teaming, and business risk management

Enroll now

Format

Online

Duration

3 days

Level

Intermediate

Language

English

Arabic

Target participants

Technical specialists with cybersecurity experience

Gain a structured understanding of how threat intelligence supports modern defense and decision-making.

Information security specialists

Integrate threat intelligence into detection, response, and investigation workflows.

SOC and CERT employees

Apply intelligence to improve alert triage, detection logic, and incident response operations.

Course modules

Introduction to threat intelligence

Overview of cybersecurity threats and trends
Fundamental concepts in threat intelligence
Threat intelligence levels and sources
Attributes of effective intelligence
Confidence and confidentiality levels

Analytical methods and workflow

Intelligence-driven operations
Analytical models and techniques
Common analyst biases
Reporting best practices
Daily routine of an analyst

Core components of a threat intelligence program

People, processes, and technologies
Stakeholders and Priority Intelligence Requirements
Crown jewel model

Course certificate

At the end of the course, you will receive a personal certificate confirming your expertise and strengthening your professional credibility

Trainers

Svetlana Ostrovskaya

Head of Education Practice

Svetlana Ostrovskaya

With a background in incident response and digital forensics, Svetlana has designed many DFIR training programs and crisis management masterclasses. She has also co-authored articles and books on cybersecurity, such as Practical Memory Forensics, Incident Response for Windows, and the e-guide Human-Centric Assessments. She has trained specialists in more than 30 countries and spoken at leading conferences worldwide, from FS-ISAC Japan to GITEX UAE.

Ahmed Nosir

Cybersecurity Consultant

Ahmed Nosir

Ahmed has been working in Security Operations Center over the last three years, transitioning his expertise from penetration testing to Digital Forensics and Incident Response and regularly takes part in complex incident response operations.

Ahmed has conducted numerous training sessions, molding the new age cybersecurity professionals. His expertise doesn’t just stop at identifying digital threats, but extends to fostering a culture of continuous learning and curiosity among aspiring cyber experts.

Ahmed has conducted numerous training sessions, molding the new age cybersecurity professionals. His expertise doesn’t just stop at identifying digital threats but extends to fostering a culture of continuous learning and curiosity among aspiring cyber experts.