Threat intelligence done right.

What the industry deems “Threat Intelligence” is too often shortsighted and mislabeled, leaving security analysts chasing indicators around like some game of cat and mouse. Intelligence is supposed to change that game.

The frustration is over. The CIAO course was designed by seasoned military intelligence and cyber operators that can give you the tools to be successful in intelligence driven cyber operations. It’s time to finally get ahead of the adversary.


  • The ins and outs of all stages of the intelligence cycle from collection to analysis from seasoned intel professionals.

  • How to employ threat intelligence to conduct comprehensive defense strategies to mitigate potential compromise.

  • How to use TI to respond to and minimize impact of cyber incidents.

  • How to generate comprehensive and actionable reports to communicate gaps in defenses and intelligence findings to decision makers.

Target audience: Security Analysts, Decision Makers, CISOs, Network/Sys Admins


Length: Approx 40 Hours of Instruction


Completion: Course Certification

Applying our Threat Intelligence methodology additionally allows you to cut cybersecurity operating costs by determining where you actually need resources and making more efficient use of the tools you have available.

Stop relying on the “Hope Strategy” to protect against advanced threats and continue having frustrating discussions with decision makers about what you need to secure your network. Sign up today to gain control of your cyber program by learning how to apply a threat-based defense strategy and how intelligence can completely revitalize your existing cyber program.


Unit 1:  The Art of Intelligence

  ~ Module 1.1: Characteristics of Intelligence

  • Role of Intelligence

  • Data vs. Intelligence

  • Decision Making with Intelligence

  • History of Intelligence

  • The Intelligence Cycle

  • Sources and Assets

  • All-Source vs. Single Source Intelligence

    • Intel Driven Ops vs. Ops Driven Intel

  ~ Module 1.2: Intelligence Planning

  • Planning, Direction and Requirements

  • Collections Management

    • Collections Planning & Tasking

  ~ Module 1.3:  Intelligence Analysis & Reporting

  • Critical Thinking

  • Analytic Tradecraft   

    • Qualitative vs. Quantitative Analysis

    • Structured Analytic Techniques    

  • Intelligence Dissemination and Reporting

Unit 2:  Cyber Threat Intelligence (CTI) Theory

  ~ Module 2.1: Threat Intel Overview

  • Threat Intelligence Challenges (Analysis vs. Automation)    

  • CTI Program Implementation  


  ~ Module 2.2: TI Theory: Strategic and Operational       

  • Threat Based Defense/Top Down Approach     

    • Anticipate the Adversary with OODA 

  • Risk Management

  • Proactive Defense with TI

  • Intro to MITRE ATT&CK

  • Intro to Threat Modeling 

  ~ Module 2.3: CTI Theory: Tactics       

  • Types of Operations

  • Know thy Enemy: Cyber Adversaries

  • Exploits, Malware & Vulnerabilities  


Unit 3:  CTI Operations

  ~Module 3.1: Tactical Cyber Intelligence Operations         

  • OPSEC Tradecraft

  • OSINT Overview & Resources

  • Intel Ops with OSINT (Domain Investigations, IOCs, DNS Analysis, SSL/TLS Cert Analysis, Email Headers)

  ~ Module 3.2: Intelligence Sharing

  • Intel Sharing Agencies

  • Threat Platforms

  • Tactical Reporting

  ~ Module 3.3: Operation Cyber Intelligence Operations

  • Threat Modeling/Threat Profile Analysis (ATT&CK, Diamond Model, Frameworks)

    • Gap Analysis w/ATT&CK and Navigator, CAR

  • Minimizing Your Attack Surface/System Baselining

  • Operational CTI Reporting

  ~ Module 3.4: Strategic Cyber Intel Ops

  • Controlling/Closing the Gaps

    • Intel-Driven Network Defense Ops Strategies

  • DFIR/Threat Hunting Operations Strategies

  • Threat Environment Reporting


Shadowscape's threat intelligence certification program is a comprehensive, multi-course track that is not simply a watered down overview of what TI is, but rather is built upon a platform that necessitates the students gain expert level knowledge about the adversary and their TTPs. Students will install and employ industry standard TI platforms and tools as well as gain a comprehensive understanding of the intelligence and analytics processes of refining data and information into usable, actionable content. Make no mistake, this certification program will give our students the resources to build and employ a comprehensive TI program within their own organizations as well as the knowledge and expertise absolutely necessary to recognize the threat when it's knocking on their doorstep.        


*Course is approximately 40 Hours of Online Self-Paced training. Access to portal available for 60 days.

  • Cyber Intelligence Analytics and Operations - 60 Day Online, Self Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is available for online for 60 days from registration with weekly live cohorts & concludes with a certificate of training.
Sign up for a Free Course Preview

Thanks for submitting!

upcoming cIAO Courses