Threat Actor Profiling
This course teaches you how to analyze threat actors and create profiles for them. Through a structured methodology, you'll learn to distinguish between threat actors, intrusion sets, and campaigns and understand how digital infrastructure, behavioral patterns, and attack frameworks converge to enable accurate attribution.
What You'll Learn
- Differentiate between threat actors, intrusion sets (APT28, Lazarus Group), and time-limited campaigns with dedicated infrastructure.
- Analyze passive DNS records to trace historical domain-to-IP resolutions and link incidents to common actors.
- Conduct WHOIS and SSL/TLS certificate analysis to surface shared registration data and identify common infrastructure.
- Perform autonomous system (AS) analysis to understand how threat actors select hosting providers based on takedown sensitivity.
- Apply the Diamond Model (Adversary, Infrastructure, Capability, Victim) as a structural framework for any cyber attack.
- Correlate events using shared TTPs, malware families, and C2 infrastructure mapped to MITRE ATT&CK.
- Produce a structured threat actor profile through a live case study on Blind Eagle (APT-C-36).
Format: Online Course
Created Date: Aug 25
Learners: 95+
Level: Beginner
Duration: 30 min
Price
