When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I purchase the Certificate?

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Advanced Threat Intelligence Techniques

Advanced Threat Intelligence Techniques

位教师：Mark Peters

包含在中

了解更多

4个模块

深入了解一个主题并学习基础知识。

中级等级

推荐体验

8 小时完成

灵活的计划

自行安排学习进度

4个模块

深入了解一个主题并学习基础知识。

中级等级

推荐体验

8 小时完成

灵活的计划

自行安排学习进度

您将学到什么

Analyze threat intelligence by defining requirements, applying frameworks, and modeling adversaries to produce decision-relevant intelligence.
Apply collection and processing to gather, filter, and normalize threat data from multiple sources while accounting for quality, bias, and relevance.
Evaluate adversary behavior and attribution by applying analytic techniques, mapping TTPs to frameworks, and communicating confidence levels.
Create threat intelligence outcomes by integrating into defensive workflows, evaluating effectiveness, and applying AI capabilities responsibly.

您将获得的技能

您将学习的工具

MITRE ATT&CK Framework

要了解的详细信息

可分享的证书

添加到您的领英档案

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

该课程共有4个模块

Advanced Threat Intelligence Techniques (ATI) teaches cybersecurity professionals how to produce defensible, decision-relevant threat intelligence in real operational environments. Rather than focusing on tools alone, the course emphasizes intelligence tradecraft, guiding learners through problem framing, intelligence requirements, disciplined collection, and structured cyber threat analysis.

Learners examine adversary behavior using frameworks such as MITRE ATT&CK, apply adversary modeling and TTP analysis, and evaluate evidence through structured analytic techniques. The course also explores malware analysis, OSINT collection, and methods for conducting careful attribution analysis while managing uncertainty and bias. Designed for SOC analysts, incident responders, threat researchers, and threat hunting teams, ATI demonstrates how intelligence supports operational decision-making. Participants learn how to translate analytic findings into detection improvements, threat hunting hypotheses, and executive communication—while responsibly integrating emerging capabilities such as AI in cybersecurity. By the end of the course, learners will be able to produce threat intelligence assessments that withstand analytic scrutiny and meaningfully influence security operations.

单元详情

This module establishes the foundational tradecraft of threat intelligence by defining intelligence as a decision-enabling discipline, not a collection of data or tools. Learners explore how intelligence requirements are shaped, how analytic frameworks support structured thinking, and why modeling adversaries and systems is essential for producing actionable insight. Emphasis is placed on analytic rigor, stakeholder alignment, and managing uncertainty—skills that separate mature intelligence programs from reactive reporting functions. By the end of this module, learners will understand how to structure intelligence problems that support real operational and strategic decisions.

涵盖的内容

11个视频2篇阅读材料1个作业1次同伴评审2个讨论话题

11个视频总计51分钟

Course Orientation: Intelligence Tradecraft and Outcomes 2分钟
Module Introduction3分钟
Defining Intelligence as Decision-Support Discipline 4分钟
Strategic, Operational and Tactical Intelligence Explained 5分钟
Applying the Intelligence Cycle to Cyber Threat Analysis 6分钟
Framing the Intelligence Problem for Decision-Making 4分钟
Decomposing Intelligence Questions and Assumptions 4分钟
Using MITRE ATT&CK to Structure Intelligence Problems 7分钟
Modeling Adversaries, Capabilities and Intent 4分钟
Analyzing Target Systems and Centers of Gravity 7分钟
Managing Intelligence, Consumers, and Expectations 4分钟

2篇阅读材料总计10分钟

Welcome to the Course: Course Overview5分钟
Tradecraft Primer 5分钟

1个作业总计20分钟

Threat Intelligence Fundamentals and Frameworks20分钟

1次同伴评审总计10分钟

Hands-On-Learning: Framing Intelligence Problems and Modeling Adversary Impact 10分钟

2个讨论话题总计20分钟

Decision-Relevant Intelligence10分钟
Confidence vs. Speculation10分钟

This module focuses on how threat intelligence teams collect, process, and normalize data in ways that support analytic judgment rather than overwhelm it. Learners examine open-source intelligence, malware-derived data, and large-scale datasets, with emphasis on source evaluation, signal filtering, and bias management. The module highlights the tradeoffs between speed, depth, and reliability, and demonstrates how improper processing can distort downstream analysis. By the end of this module, learners will understand how disciplined collection and processing create the conditions for credible intelligence assessment.

涵盖的内容

10个视频1篇阅读材料1个作业1次同伴评审1个讨论话题

10个视频总计63分钟

Module Introduction2分钟
Designing OSINT Research Strategies 6分钟
Collecting and Interpreting Dark Web Intelligence 5分钟
Filtering OSINT Data for Analytic Relevance 7分钟
Identifying and Evaluating Malware Intelligence Sources 8分钟
Observing Malware Behavior Using Sandboxes 6分钟
Inferring Adversary Intent from Malware Behavior 9分钟
Applying Statistical Reasoning to Threat Intelligence 7分钟
Visualizing Threat Data for Analytic and Executive Use 6分钟
Identifying and Mitigating Bias in Threat Data 7分钟

1篇阅读材料总计5分钟

What Is OSINT (Open-Source Intelligence) in 2025? 5分钟

1个作业总计20分钟

Collection and Processing Techniques 20分钟

1次同伴评审总计10分钟

Hands-On-Learning: From Collection to Confidence: Validating Threat Intelligence Under Uncertainty 10分钟

1个讨论话题总计10分钟

Confidence vs. Data Volume10分钟

This module focuses on how threat intelligence teams analyze collected data and assess attribution with discipline and confidence. Learners apply structured analytic techniques to evaluate adversary behaviour, map TTPs, and distinguish evidence from assumptions. The module emphasizes probabilistic reasoning, confidence levels, and analytic transparency—particularly where attribution carries operational or strategic risk. By the end of this module, learners will be able to produce defensible intelligence judgments that withstand scrutiny from both technical and executive stakeholders.

涵盖的内容

10个视频1篇阅读材料1个作业1次同伴评审2个讨论话题

10个视频总计47分钟

Module Introduction 2分钟
Applying Predictive Reasoning to Adversary Behavior 5分钟
Analyzing Adversary Organizations and Constraints 5分钟
Assessing Adversary Technical Capabilities and Tradeoffs 5分钟
Identifying Meaningful Signals in Threat Activity 4分钟
Analyzing Adversary TTPs Using MITRE ATT&CK 5分钟
Translating TTP Analysis into Defensive Use Cases 5分钟
Producing Intelligence That Answers Organizational Requirements 4分钟
Expressing Confidence and Uncertainty in Intelligence Reporting 8分钟
Identifying Intelligence Gaps and Future Collection Needs 4分钟

1篇阅读材料总计5分钟

Emergent Intelligence: Spycraft and Intelligence in the AI Era 5分钟

1个作业总计20分钟

Analysis and Attribution20分钟

1次同伴评审总计10分钟

Hands-On-Learning: Evaluating Adversary Behavior and Attribution 10分钟

2个讨论话题总计20分钟

Attribution Risk and Analytic Restraint10分钟
Confidence Levels and Intelligence Trust10分钟

This module focuses on turning threat intelligence into measurable, operational impact across detection, response, and decision-making workflows. Learners examine how intelligence informs threat hunting, defensive architecture, and program governance while navigating legal, ethical, and organizational constraints. The module emphasizes effectiveness over activity, teaching learners how to measure success, identify gaps, and communicate value to stakeholders. By the end of this module, learners will be prepared to integrate intelligence into real operational environments and continuously evolve their intelligence programs.

涵盖的内容

11个视频1篇阅读材料1个作业2次同伴评审1个讨论话题

11个视频总计72分钟

Module Introduction 3分钟
Defining Intelligence Signals for Operational Detection 6分钟
Interpreting Security Reports Through an Intelligence Lens 8分钟
Designing Intelligence-Informed Security Architectures 7分钟
Managing Legal and Ethical Constraints in Threat Hunting 7分钟
Collaborating with Threat Hunters Using Intelligence 7分钟
Sharing Threat Intelligence Across Industry and Communities 8分钟
Measuring Threat Intelligence Program Success 8分钟
Identifying Analytic, Collection, and Program Gaps 8分钟
Applying AI Responsibly in Threat Intelligence Programs 6分钟
Course Wrap-Up3分钟

1篇阅读材料总计5分钟

Focusing on the Right Threat Intelligence Metrics 5分钟

1个作业总计20分钟

Operationalizing Threat Intelligence20分钟

2次同伴评审总计70分钟

Hands-On-Learning: Operationalizing Intelligence and Measuring Impact 10分钟
Project: Producing and Operationalizing a Defensible Intelligence Assessment60分钟