Cyber Threat Intelligence for Enhanced Cybercrime Investigation

Cyber Threat Intelligence for Enhanced Cybercrime Investigation is a practitioner-level course focused on understanding who is behind a cyberattack, how they operate, and how to build actionable intelligence profiles that drive proactive defense. The course covers the full threat actor profiling workflow, from classifying adversary types and applying structured frameworks, to navigating the MITRE ATT&CK matrix and operationalizing open-source CTI platforms. Hands-on demo sessions guide learners through ATT&CK Navigator and a complete end-to-end profile build of a real-world threat group.

What You'll Learn;

• Classify cyber threat actors by type, motivation, and capability, covering financially driven cybercriminals, nation-state APTs, hacktivists, and insider threats.
• Profile adversaries using the Diamond Model of Intrusion Analysis and the Pyramid of Pain to prioritize TTPs over static IOCs.
• Navigate the MITRE ATT&CK Enterprise Matrix and map real-world behaviors to Tactics, Techniques, and Sub-techniques.
• Use ATT&CK Navigator to build heatmaps, compare threat group profiles, and export findings for detection and reporting.
• Explore open-source CTI platforms MISP and OpenCTI, and understand how STIX/TAXII standards enable structured intelligence sharing.
• Complete a full threat actor profile from scratch using Scattered Spider as a case study, applying a confidence-rated, analyst-grade output format.