Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Coursera

Basics of Cyber Threat Intelligence

Starweaver via Coursera

Overview

Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
In today's rapidly evolving threat landscape, cyberattacks like ransomware, phishing, and data breaches demand more than reactive defense. This course introduces the fundamentals of cyber threat intelligence (CTI), empowering learners to anticipate threats, analyze adversary behavior, and produce actionable insights that inform security strategy, answering the core question of what is cyber threat intelligence and how it is used in real security operations. Grounded in real-world cases and current threat reports, this cyber threat intelligence (CTI) course draws on frameworks like MITRE ATT&CK and integrates key technologies including SIEM, SOAR, EDR/XDR, threat intelligence platforms, and Attack Surface Management. You will learn how CTI fits into the broader cybersecurity ecosystem and how intelligence is operationalized by modern security teams, including SOC analysts and incident responders. Designed for beginners and cybersecurity professionals alike, the curriculum builds foundational cyber threat intelligence skills before advancing to more complex analysis. Through practical exercises and hands-on tools, you will move beyond theory to map intelligence lifecycles, interpret threat data, and strengthen enterprise defense with intelligence-led cybersecurity practices, making this one of the most practical cyber threat intelligence certifications and training programs available today.

Syllabus

  • Course Introduction
    • In this course, you’ll learn how to transform raw cyber data into actionable intelligence to anticipate, detect, and respond to evolving threats. You’ll explore the full cyber threat intelligence (CTI) lifecycle, from collection and analysis to reporting and application, while using frameworks like MITRE ATT&CK and tools such as SIEM, SOAR, and Threat Intelligence Platforms. Through real-world case studies, hands-on exercises, and guided analysis, you’ll develop the skills to identify attacker tactics, integrate intelligence into security operations, and strengthen your organization’s defense posture.
  • Foundations of Cyber Threat Intelligence
    • In this module, you’ll explore the foundations of Cyber Threat Intelligence (CTI) and its vital role in modern cybersecurity. You’ll discover how CTI transforms raw data into actionable intelligence, examine the differences between data, information, and intelligence, and understand who uses CTI and why. Through real-world examples and an in-depth look at the Threat Intelligence Lifecycle, you’ll learn how organizations gather, analyze, and apply intelligence to defend against evolving cyber threats. This module lays the groundwork for building intelligence-driven security strategies across operational, tactical, and strategic levels.
  • Information Security Principles
    • In this module, you’ll explore how core information security principles underpin the development and application of Cyber Threat Intelligence (CTI). You’ll examine the CIA Triad—Confidentiality, Integrity, and Availability—as the foundation for secure data handling and resilient threat intelligence operations. You’ll also learn how risk management frameworks turn intelligence into action, guiding asset prioritization, vulnerability assessment, and control selection. Through practical applications and real-world examples, you’ll discover how to apply these principles across the CTI lifecycle to ensure intelligence is accurate, timely, and actionable.
  • Operationalizing CTI: Threat Intelligence Platform (TIP)
    • In this module, you’ll gain hands-on experience using Cyber Threat Intelligence (CTI) tools and frameworks to detect, analyze, and respond to cyber threats. You’ll learn to identify Indicators of Compromise (IOCs), map attacker behavior using MITRE ATT&CK, and translate intelligence into clear, actionable response strategies. Through guided simulations and real-world exercises, you’ll build confidence in using CTI to strengthen both proactive defense and incident response operations. By the end, you’ll understand how intelligence-driven actions can minimize risk, reduce response time, and improve overall cyber resilience.
  • Cyber Threat Intelligence Tools and Incident Response
    • In this module, you’ll gain hands-on experience using Cyber Threat Intelligence (CTI) tools and frameworks to detect, analyze, and respond to cyber threats. You’ll learn to identify Indicators of Compromise (IOCs), map attacker behavior using MITRE ATT&CK, and translate intelligence into clear, actionable response strategies. Through guided simulations and real-world exercises, you’ll build confidence in using CTI to strengthen both proactive defense and incident response operations.
  • Course Conclusion
    • In this final module, you’ll bring together everything you’ve learned across the course—foundations of cyber threat intelligence, information security principles, TIP integrations, and incident response. You’ll apply your skills in a project that challenges you to analyze a real-world cyber incident, identify threat actors, assess malware, and design an actionable intelligence report.

Taught by

Starweaver and Tom Themeles

Reviews

Start your review of Basics of Cyber Threat Intelligence

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.