Understand how to leverage threat intelligence to detect, investigate and defend against adversaries. Gain practical skills in using threat data, enrichment techniques, and analysis workflows to strengthen SOC capabilities.

This module explores the foundations of threat intelligence, covering data sources, enrichment and analytical methods. You will work with files, hashes, IPs, domains, and intelligence feeds to identify threats, track adversary behaviour, and connect findings to MITRE ATT&CK techniques. By the end, you will know how to operationalise threat intelligence in investigations and reporting.

Intro to Cyber Threat Intel

Introducing cyber threat intelligence and related topics, such as relevant standards and frameworks.

File and Hash Threat Intel

This room seeks to teach on enriching file and hash artefacts using threat intelligence.

IP and Domain Threat Intel

A look into enriching IP and domain insights with open source threat intelligence.

Invite Only

Extract insight from a set of flagged artefacts, and distil the information into usable threat intelligence.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

Next steps

SIEM Triage for SOC

Explore how SIEM solutions help detect early signs of attacks, investigate SOC alerts, and correlate logs from multiple sources to build an incident timeline. These skills will be vital for you to identify and respond to real-world threats as a SOC analyst.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

Threat Analysis Tools

Intro to Cyber Threat Intel

File and Hash Threat Intel

IP and Domain Threat Intel

Invite Only

Topic Rewind Recap