On This Page

Practical Threat Intelligence

Threat Intelligence Pty Ltd | July 22-23 & July 24-25


Its time to put your intelligence and security skills to the test! Our completely revamped "Practical Threat Intelligence" training course has a highly technical focus supported by automated attacks across 2,000 systems infiltrating 90 virtual organisations.

Students will be provided with an in-depth understanding of how to implement Cyber Threat Intelligence systems within their virtual organisations to efficiently identify and prioritise threats, attacks and security breaches.

Focusing on key Threat Actors and their Intent to harm your organisation, students learn the Attack Techniques that hackers use to remotely infiltrate your systems, Intelligence Techniques to gather and analyse the Indicators of Compromise, and what you need to do to Share Intelligence and respond in order to stay ahead of the attackers.

Students will learn practical technical skills including:

- Evolution of Threats, Attacks and Security Breaches
- Cost of a Security Breach and How This Cost is Triggered
- Threat Actor Model
- Threat Actor Intent
- Threat Scenarios
- Threat Actor Attack Techniques
- Threat Actor Exfiltration Techniques
- Threat Actor Privillege Escalation Techniques
- Early Indicators of Compromise - Threats
- Active Indicators of Compromise - Endpoint
- Active Indicators of Compromise - Servers
- Post-Incident Indicators of Compromise - Breaches
- Intelligence Gathering Techniques
- Open Source Intelligence
- Human Intelligence
- Counter Intelligence
- Internal Intelligence
- Intelligence Data Formats
- CybOX
- OpenIOC
- Intelligence Sources
- Intelligence Aggregation Systems
- Intelligence Architecture
- System and Malware Analysis
- Intelligence Analysis
- Threat Intent Analysis and Response
- Threat Data Visualisation
- Threat Intelligence Sharing

Take your intelligence skills to the next level! Register now to secure your spot!

Who Should Take this Course

- Threat Analysts, Security Officers, Security Auditors, System Administrators and anyone else who wants to increase their Cyber Threat Intelligence skills.

- Anyone who is interested in Cyber Threat Intelligence, incident response, modern security controls and detection techniques are prime candidates for this course. Students will be taught from scratch everything they need to know to complete this course successfully and walk away with a thorough knowledge and practical skills on intelligence-based security.

- Managers who want to gain a more in depth understanding of intelligence-based security, modern security controls, approaches and detection, and the general risks associated with your network security.

Student Requirements

Reasonable understanding of Linux and Windows command line concepts.

We have a cut and paste alternative for those who are a bit rusty on Windows or Linux. Ideally you could do most of this already.

What Students Should Bring

- A working laptop (Windows, Mac or Linux) with an RDP client installed
- Wireless network adapter for internet access

What Students Will Be Provided With

- Virtual Threat Intelligence Environment
- Practical Threat Intelligence workbook
- Lab instructions and solutions


Andrew is the Chief Technology Officer at Threat Intelligence Pty Ltd (www.threatintelligence.com). He is an in demand speaker and trainer, with past speaking engagements at AusCERT, linux.conf.au, Black Hat, OWASP AppSec EU and AppSec USA, and training many thousands of developers and information security professionals through public and private training offerings. Andrew van der Stock is an acknowledged leader of the application security field, with over 15 years application security experience in Australia and the USA, and over 20 years' experience in the IT and System Administration fields. Andrew joined OWASP in 2002, and continued sharing his passion for information sharing by participating in and then leading the Developer Guide project, culminating in the OWASP Guide to Building Secure Software 2.0 in 2005. He led the OWASP Top 10 2007 effort, initiated and led the OWASP ESAPI for PHP effort, currently leads the OWASP Developer Guide project, and is a key contributor to the OWASP Proactive Controls. Andrew is lead author of the OWASP Application Security Verification Standard 2.0. He is the long-time moderator of the Symantec SecurityFocus webappsec mailing list. Andrew is currently on the global Board of Directors of OWASP, and has previously held the Executive Director position at OWASP and been a member of the OWASP Global Chapters Committee.