Course Outline: Cyber Threat Analysis (CTA)


Advisors and analysts who understand well the national security, financial and political impacts of cybercrime, cyber-espionage, and cyber-terrorism but want a deeper understanding of the technology and activities behind topics such as the Dark Web, Bot-nets, Bitcoin, Cryptoware, Watering-holes, Man-in-the-Middle and the like will value Cyber Threat Analysis. This course explains in plain English the essential technical details of the most commonly used cyber terms and concepts to pull back the curtain and provide deeper insight and appreciation.

Learning Outcomes

Conduct basic Offensive Cyber Operations activities:

  • Describe the fundamental technologies involved with cyber threats.
  • Describe at a high-level the technical mechanics of common cyber threats.
  • De-construct cyber threat actor groups into subordinate types and functions.
  • Classify cyber threat actors and techniques according to sophisication and effects.
  • Structure threat reports according to accepted standards and frameworks.


Course is delivered on-site at Fifth Domain's training facility.


Experience or study in security, intelligence or risk management.


27-28 February 2017

20-21 March 2017


$1500 +GST per person. Maximum 20 seats per course.


To register, please click here, or email us.

Course Program
Cyber Threat Analysis (CTA)

Day 1
Hacker Industry

Exploration of the global infrastructure and black-market underpinning cybercrime. Topics include:

  • ToR and the Dark Web
  • Hacking-as-a-Service (HaaS)
  • Digital currencies
  • Black-hat malware market supporting

Examination of notable cybercrime case-studies covering topics:

  • Cryptoware
  • Banking Trojans
  • Whaling (CEO spearphishing)
Day 2
Hacker TTPs

A walk through hacker Tactics, Techniques and Procedures (TTPs) of Discover, Access, Assure, and Leverage. Technical explanation of common terms used in threat reporting. Participants will come to understand:

  • Hacker's use of open-source intelligence tools and Internet platforms
  • The difference between a payload, exploit and delivery-vector.
  • How hackers maintain stealth and persistence, obfuscating footprints and covering tracks.
  • Mechanics behind covert data exfiltration, command and control beaconing, pivoting and lateral movement inside the network.