CREST Practitioner
Threat Intelligence Analyst, CRTIA

A Threat Intelligence Analyst (TIA) is a role responsible for the collection, processing and analysis of data, information, and intelligence in order to generate threat intelligence outputs. Analysts are expected to be familiar with both contextual analysis (focussing on social, cultural, and geopolitical elements) and technical analysis (analysis of data relating to Indicators of Compromise) and the course covers both disciplines

Cyber Skills Training - Image of a woman

Course Style

Live Instructor Led. Face-to-face or attend from anywhere.

Skill up and get certified, guaranteed

What is included?

  • 5 days of training
  • Course material/Slides
  • Examination Fees
  • 95.8% Certification Success in First Attempt
  • Classroom training Or Attend-From-Any-Were
  • Training delivered by Professionals with enormous industry experience 
  • Total comprehensive exam preparation

What you will Learn?

Attendees will gain a good understanding of the key phases of intelligence generation, cyber specific information sources and common approaches to collection and analysis. As well as being able is to demonstrate a high level of competence in the collection, analysis, and dissemination of intelligence to a consistently high standard and in accordance with legal and ethical guidelines

Who should attend?

  • Individuals requiring a high-level technical skills and knowledge that CREST expects candidates to possess for the Threat Intelligence Analyst Certification.
  • Individuals wanting to be successful at passing at the CREST Registered Threat Intelligence Analyst (CRTIA) examination.

Course Dates

10 – 14 Jun, 2024
12 – 16 Aug, 2024
14 – 18 Oct, 2024
09 – 13 Dec, 2024

Course Outline

A – Key Concepts
A1 Business imperative
A2 Terminology
A3 Threat actors & attribution
A4 Attack methodology
A5 Analysis methodology
A6 Process intelligence lifecycle
A7 Principles Intelligence

B – Direction and Review
B1 Requirement’s analysis (scoping)
B2 Intelligence planning
B3 Project review

C Data Collection
C1 Collection planning
C2 Data sources and acquisition
C3 Data reliability
C4 Registration records
C5 Domain Name Server (DNS)
C6 Web enumeration and social media
C7 Document metadata
C8 Dump site scraping
C9 Operational security
C10 Bulk collection
C11 Handling sources

D – Data Analysis
D1 Contextualisation
D2 Analysis methodologies
D3 Machine based techniques
D4 Statistics
D5 Critique
D6 Consistency

E – Product Dissemination
E1 Forms of delivery
E2 Technical data sharing
E3 Intelligence sharing initiatives
E4 Intelligence handling and classification

F – Management
F1 Client management & communications
F2 Project management
F3 Reporting
F4 Understanding, explaining, and managing risk
F5 Third Parties
F6 Regulator Mandated TI schemes

G – Legal and Ethical
G1 Law Compliance
G2 Ethics

H. Technical Cyber Security
H1 IP Protocols
H2 Cryptography
H3 Vulnerabilities
H4 Intrusion Vectors
H5 Command & Control and Exfiltration Techniques
H6 Attack Attribution
H7 Current threat landscape


Attendance of the CPTIA course or a CPTIA certification is a pre-requisite for this course.

Are you ready to get started?