Hands-on with Threat Intelligence
Learn how Threat Intelligence (TI) is used in real SOC environments to enrich alerts, identify attacker infrastructure, map threats to MITRE ATT&CK, and improve detection and response using open-source and community-driven intelligence platforms.
Overview
This project introduces Threat Intelligence from a SOC analyst’s perspective. You will learn what threat intelligence is, why SOCs rely on it, and how analysts use open-source intelligence platforms such as VirusTotal, AlienVault OTX, ThreatFox, AbuseIPDB, and MISP during investigations.
The project focuses on practical application, not theory—showing how threat intelligence adds context, confidence, and prioritization to alerts generated by SIEM, EDR, and SOAR tools.
By the end of this project, you will understand how threat intelligence transforms raw alerts into informed security decisions.
What You'll Learn
- Introduction to Threat Intelligence
  Understand what Threat Intelligence is and how it provides context about threat actors, infrastructure, and attack campaigns.
- Types of Threat Intelligence
  Understand strategic, operational, tactical, and technical intelligence and how each is used by different security teams.
- Indicators of Compromise (IOCs)
  Learn what IOCs are, their limitations, and why they must always be validated with context.
- Open-Source Threat Intelligence Platforms
  Explore widely used platforms like VirusTotal, AlienVault OTX, ThreatFox, AbuseIPDB, and MISP.
- Threat Intelligence, MITRE ATT&CK & SOC Integration
  Learn how threat intelligence maps to MITRE ATT&CK and integrates with SIEM, EDR, and SOAR workflows.
About Trainer
Rajneesh Gupta
Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Related Projects
Hands-on with SOAR
Learn how SOAR platforms automate SOC operations by orchestrating tools, enriching alerts, and executing response actions—through hands-on walkthroughs of n8n, Shuffle, and Tines.
Windows Fundamentals
Master the core Windows skills required for SOC Analysts, Security Engineers, IT Administrators, and Cloud Professionals through fully hands-on, task-based labs.
Introduction to SOC (Security Operations Center)
Understand how a real-world Security Operations Center (SOC) operates by learning its purpose, people, tools, processes, data flow, alerts, and business impact through structured, concept-driven tasks.