
CTI for Alert Triage

Explore how security analysts can use CTI in their daily operations.

easy

45 min


This room explores the differences between simple reputation lookups and Cyber Threat Intelligence (CTI). You will follow an investigation scenario and see how CTI can simplify alert triage and serve a larger goal for mature security teams. You will also identify pitfalls when using CTI and learn how to weigh conflicting intel sources.

Learning Objectives

  • Learn when to use CTI and how it can help different security roles
  • Discover the workflow when working with conflicting intelligence
  • Write a concise intel handoff note to support future investigations

Prerequisites

Answer the questions below

Let's get started!