21
Apr
2020

Free Cyber Intelligence Short Course

04-21-2020 2:00 pm - 04-21-2026 3:00 pm
Online
Free
Free Cyber Intelligence Short Course

Treadstone 71 Training and Webinars

Intelligence Community-Driven Content  - Free Short Course from Treadstone 71

This free course provides an overview of the Certified Threat Intelligence Analyst online instruction as well as pre-recorded webinars on Stakeholder Management, Adversary Targeting, Intelligence Requirements, STEMPLES Plus, and Collection Management.

The short course provides an overview of:

  • Treadstone 71 History
  • Training and Webinar Approach
  • Risk versus Intelligence
  • Forecasts - Estimates
  • Cyber Intelligence Lifecycle
  • Intelligence COmmunity Taxonomy
  • Areas of Intelligence
  • OPSEC - Data Provenance - Source Validation-Evidence Credibility
  • Stakeholder Management
  • Adversary Targeting
  • STEMPLES Plus - Indicators of Change
  • Intelligence Requirements
  • Logical Adversaries
  • Threat Matrices
  • Collection Plans - Request for Information
  • Structured Analytic Techniques
  • Analysis of Competing Hypotheses
  • Critical Thinking
  • Cognitive Bias
  • Types of Analysis - Reasoning Methods - Synthesis
  • Production - Analysis - Interpretation - Intuition - ATT&CK
  • Analytic Writing
  • Briefs and Reports
  • Argument Mapping
04
May
2020

ON DEMAND BUNDLE - Certified Threat Intelligence Analyst Plus 6

05-04-2020 - 05-03-2021
$5,899.00

This is an on-demand course that runs up to 12 weeks.

20% VETERANS DISCOUNT

The online courses are instructor video and audio recorded with periodic direct interaction with the instructor via online web meetings. The instructor will have standard office time for questions and answers as well as regular access via class email and other messaging options.

Validated and registered students will receive login and preparation information 1 week prior to class start. Prospective students must send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. from a corporate account to validate course eligibility before registration. (Corporate accounts are not Gmail, Hotmail, Yahoo, Mail, Hushmail, Protonmail, and the like). Treadstone 71 reserves the right to restrict course registration based upon certain risk factors.

This course follows (non-inclusively) the International Association for Intelligence Education Standards for Intelligence Analyst Initial Training.

  • Introduction to Intelligence
  • Critical Thinking
  • Analytic Writing
  • Creative Thinking
  • Analytic Briefing
  • Structured Analytic Techniques.
  • Analytic Issues
  • Argument Mapping
  • Case Studies

Latest student testimonial: 

"With my extensive experience working in the Department of Defense on active duty and federal contractor, this training provided industry professionals with a greater perspective for intelligence analysis. The training taught state of the art concepts and applied them to real-world scenarios establishing a solid understanding of using these intelligence tradecrafts to effectively predict and prevent cyber actors from exploiting their organizations. Individuals new to the cyber intelligence field or professionals who want to fine-tune their skills in the intelligence field should strongly consider this training for any intelligence analyst or security professional."

  • Anonymity and Passive Persona setup
  • Collection Methods and Techniques - WITH AN ADDED LECTURE ON COLLECTION MANAGEMENT
  • Collection Planning, IRs/PIRs/EEIs/Indicators/SIRs WITH AN ADDED LECTURE ON INTELLIGENCE REQUIREMENTS
  • Collection Process Flow
  • Collection (OSINT) Tools and Targeting
  • Threat Intelligence WITH AN ADDED LECTURE ON ADVERSARY TARGETING (D3A AND F3EAD) AND THREAT MATRICES
  • Most likely Threat Actors
  • Hunch.ly
  • Use of Maltego – overview
  • OPSEC – VPNs, Buscador, Authentic8 Silo - WITH AN EXTENDED OPSEC LECTURE
  • OSINT Browser – Oryon C Portable
  • Proxy Access – the DarkNet
  • Burn phone set up and use (US Only)
  • Open Source Intelligence OSINT
  • Production Methods
  • Structured Analytic Techniques – Their use
  • Adversary Denial and Deception
  • Source Credibility and Relevance
  • Source Validation
  • Denial and Deception
  • Confidence Levels
  • Types of evidence
  • Production Management
  • Critical and Creative Thinking
  • Cognitive Bias
  • Glossary and Taxonomy
  • What Intelligence Can and Cannot Do
  • Use of Mitre ATT&CK in Analysis
  • ATT&CK in examining patterns and trends
  • ATT&CK in Adversary tendencies
  • Estimation and Forecasting
  • Campaign analysis
  • Types and Methods of Analysis
  • Synthesis and Fusion
  • Analysis of Competing Hypothesis
  • Inductive/Abductive/Deductive Reasoning
  • Stakeholder Identification, and Analysis WITH AN ADDED LECTURE ON STAKEHOLDER MANAGEMENT
  • Analytic Writing, BLUF, AIMS
  • Forecasting in your writing
  • STEMPLES Plus, Indicators of Change WITH AN ADDED LECTURE ON STEMPLES Plus, Indicators of Change and Hofstede Principles
  • Argument Mapping
  • Types of Reports
  • Product Line Mapping
  • Report Serialization, and Dissemination
  • Live Case Studies – Class briefs
  • All Case Studies use all methods, techniques, and tools referenced in the course material. The Case Studies used are straight from the headlines giving students real world experience during the class.

All students receive 2 books and 50 plus course documents, VPN, and other course material.

01
Jul
2020

Certifed Cyber CounterIntelligence Analyst

07-01-2020 - 05-01-2026
Online
$5,299.00
Certifed Cyber CounterIntelligence Analyst

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintelligence missions, defensive counterintelligence, offensive counterintelligence, and counterespionage as these realms apply to traditional tradecraft, and how they are or will evolve into the cyber domain. The course includes a very different approach to counterintelligence using models exhibited online over the past few years to steer the conversation to the desired outcome.

8 to 12 Weeks - On-Demand - Online

Cyber Infiltration Propaganda and Fallacies Cyber Psychological Operations
Information Operations Media Manipulation Target analysis and manipulation
Standard Glossary and Taxonomy Charts, Graphs, Generators Authoring of blogs and articles for influencing
Mission-Based Counterintelligence Deception Planning Placement of specific concepts and phrases
Counter Collection and Anticipation Deception Chain Cyber Persona Layer
Denial and Deception Types of Denial and Deception Cyber Persona Development and Maintenance
Counter-Denial and Deception D&D Usage Character archetypes
Open Source Intelligence in Deception Operations Perception as Deception Establish the storyline
VPNs and Burn Phones (US Only) Avoid and Deny Establish the plot synopsis
Methods of Social Media Research Shifting the Conversation Story weaving and management
Social media demographics Forum Manipulation - COINTELPRO Target profiles – dossiers
Cyber Target Acquisition and Exploitation Social Psychology Target gap analysis
Identify Active Adversary Campaigns Persuasion Clandestine Collection Operation
Intent, Motivation, Goals, & Requirements Differences in Culture/Diversity Surveillance and Counter Surveillance
Passive data collection Hofstede Dimensions CI Insider Threat, Investigations
Campaign development Reciprocity and Consistency Guide to Underhanded Tactics
Vectors of approach Social validation Rules for Radicals
Courses of action Liking, Authority, and Scarcity Case Studies
Elicitation and exfiltration Rules of Disinformation Team Presentations
Memetic Engineering Information Warfare Content Creation
Operational Security MORE DETAILS BELOW
26
Aug
2020

Collection Manager's Course

08-26-2020 - 12-29-2027
Online
$5,299.00

All too often we see organizations receive information on threat actors only to point-and-shoot when it comes to collection. There is little to no structure in this critical task that drives all intelligence production, analysis, and analytic writing.

ON-DEMAND COURSE 

This course prepares the organization’s designated intelligence professional as the person in charge of managing collection planning, staffing, targeting, ensuring integrated, synchronized, and deconflicted collection actions. As information is received from internal requests for information, analysis of existing data, information, and intelligence on the subject in question, the collection manager correlates and determine gaps in preparing the collection plan. This course prepares students in the development of collection requirements, designed to maximize the effectiveness of your limited resources covering what may seem as vast areas of online targets. The course assists the collection manager in determining where to look when to look, and what to look for. We provide students with situation and event templates, how to fill them out, how to manage the ever-changing problem iteratively, and how to establish collection priorities base on the courses of action the threat actor may likely adopt.

The collection manager works with the intelligence and priority intelligence requirements to develop the collection plan translating these into specific information requirements used to provide targeting while managing the availability and capabilities of the collection/research team.

The course prepares the collection manager with the following non-inclusively:

  • Collection Planning Screening Sources
  • Interpretation of Stakeholder Needs Data Segmentation and Prioritization
  • Intelligence Requirements Establishing a program of record
  • Essential elements of information Targeting
  • Analysis of requirements against the existing knowledge base Open Source Collection
  • What do you have? Tools, Methods, Resources
  • What do you not have? Using the TIP
  • What is the gap? Vendor Report Reviews
  • Where and how will you acquire that data? Threat Intelligence Platform Use and Data Extraction
  • How much time do you have? Tagging strategies
  • STEMPLES Plus – Strategic Analysis
  • What skills do you have to accomplish the task? Rules of Engagement
  • What skills do you not have? Escalation Guidelines and Rules
  • Mission and Requirements Management Passive Collection
  • Convert RFI’s to collection requirements Observables
  • Data Provenance
  • Collection Manager Communications and Sharing
  • Support to Leadership
  • Purpose of Stakeholder Analysis
  • Questions used to organize your products
  • Know your customer checklist
  • Getting started checklist
  • High-level process overview
    • How to Communicate Up
  • Steps to follow
    • Sample Invitation Letter
  • Strategic Questioning and Listening
    • Active and Empathic Listening
  • Stakeholder Collection and Tracking Model
    • Reporting formats for real-time interaction
    • Choices of visual support materials
    • Stakeholder Impact and Influence
  • Stakeholder Tracking
  • Priority Intelligence Requirements (PIR) – What are they?
    • Intelligence Requirements
  • Common Adversaries
  • Information Requirements Process Flow
    • Intelligence Requirements
    • Essential Elements of Information
    • Specific Information Requirements
    • Indicators
    • The Overall IR Process Flow
  • Targeting – Intelligence Collection
  • Information Required Prior to Intelligence Requirements
  • Prioritization
    • What is an Intelligence Requirement
    • What is a Priority Intelligence Requirement
    • Prioritization continued
  • Collector/Analyst Need to Understand
  • Stakeholder knowledge of their systems and data
  • Intelligence Team Priority Intelligence Requirements Examples
  • Collection – Research RACI
  • Indicators and Warnings
  • Intelligence Requirements Tracking
  • Get them to requirements
  • What is D3A?
  • D3A Targeting Requirements
    • Adversary Identification
    • Breakdown
  • Bring in Stakeholder Requirements
  • What is F3EAD?
  • The D3A/F3EAD Integrated Process
    • Aligned to the Cyber Threat Intelligence Lifecycle
    • Integrated Lifecycle Breakdown
    • The Full Lifecycle
    • The Treadstone 71 D3A and F3EAD Diagram and Intel Lifecycle
  • Logical Adversaries to Intelligence Requirement Development
    • Building Threat Matrices
    • Simple to Complex
    • Inclusion of ATT&CK Groups aligned to Nation-States
  • Threat Matrices
    • Simple to Complex
  • Wrap-up // Q&A
  • The Six Categories – ASCOPE
    • Area
    • Structures
    • Capabilities
    • Organizations
    • People
    • Events
  • D3A Targeting F3EAD
  • STEMPLES Plus
    • Social
    • Technical
    • Economic
    • Military
    • Political
    • Legal/Legislative
    • Educational
    • Security
    • PLUS
    • Religion
    • Demographics
    • Linguistics
    • Psychological
    • Other
  • Indicators of change
    • Motive thru Capabilities
      • Levels of Concern
      • Examples
  • Hofstede Principles
    • Power and Distance
    • Individualism and Collectivism
    • Masculinity and Femininity
    • Uncertainty Avoidance
    • Long Term and Short Term
    • Indulgence and Restraint
    • Hofstede Country Comparison Exercise
  • Strategic Analysis with STEMPLES
  • Indicators – Indicators of Change Matrices
  • STEMPLES Plus Template and Example
  • Definition
  • Requirements Management
  • Mission Management
    • Mission Analysis
    • Gaps
  • Collection Planning
    • Simplified Process
  • Collection Strategy
    • Intelligence Collection Synchronization
    • Red Team Support
    • Collection Tasking
  • Collection Operations
    • Principles
  • Collection Manager Tasks
    • Bringing in Intelligence Requirements
    • A Multidisciplinary Approach
    • Prioritization of Requirements
    • Available Assets
    • Iterative re-tasking Continuous monitoring of collection results
    • Anticipate collection requirements Meeting SIR requirements
  • Operational Security Rules (OPSEC)
    • Laptops and Access
    • Like a SCIF
    • The anonymity of your passive collection
    • List of items to consider
    • Standards and words to follow
    • Browser plug-ins / extensions
    • Recommended Software
    • Standard Desktop
  • Rules of Engagement (RoE)
    • Purpose
    • Pre-conditions required for RoE
    • Team Roles and Responsibilities
    • Use of Cyber Personas
    • Rules for the Rules
    • Internal and External Threats
    • Tools and Resources – High-Level
    • Escalation Cycle
  • Cyber Persona Methods and Techniques
    • Concepts – Logline
      • Establish the Logline – Create the Plot
    • Persona Archetypes
      • Archetype Review and Understanding
      • 16 Persona Motivations
      • Persona Perception
      • Persona Link Analysis
        • Types of Links to Consider
      • Persona Characterization
      • Persona Profile Sketch
      • Persona Tracking – Standard Fields
      • Persona First Steps
        • Memorable or not?
        • Dimensions
    • Twelve Essential Questions
    • Clandestine Cyber HUMINT - Screenplay
  • Request for Information
    • RFI Template
    • Request for Support
    • Data/Information dissemination
    • Coordinate with other internal and external sources
    • Validate preplanned collection tasks
    • Awareness of production and analysis status
    • Update adaptive collection plans
    • Redirects and information reporting to
    • Collection Planning Forms and Tracking Collection plan effectiveness
    • The Collection Manager’s Matrix Feedback loop
  • Complete a Plan
    • The Collection Plan Templates
    • Breakdown of the templates
      • PDF Form
      • Spreadsheet Collection Plan
      • Collection Tasking Worksheet
      • Intelligence Synchronization Matrix
    • Collection Manager Tasks Redux
    • Example completed plan
    • Iterative feedback – Constant communication
      • The Collection Manager’s Matrix Feedback loop
      • Converting intelligence-related information requirements into collection requirements Strategic, Tactical, Technical
  • Data Provenance - Dates/Times Collection Planning Process Flow and Metrics
  • Credibility / Validity / Relevance After-action reviews – at any time
    • Skimming / Speed Reading
    • Data Verification
    • Admiralty Scoring
      • Use and structure
    • Types of Evidence Collection Manager Oversight
    • Pitfalls in Evaluating Evidence
  • Intelligence Risk
  • Confidence Levels for your findings
  • Collection Plan Templates
  • Case Study Finals
  • Review
  • Q&A

Lecture, Hands-on, Apprenticeship, in-class exercises, student presentations, templates, course material - 40 CPE Online Course - 8 Weeks - www.cyberinteltrainingcenter.com

04
Sep
2020

September 2020 - Cyber Intelligence Tradecraft - September 5 to October 31, 2020 - Certified Threat Intelligence Analyst

09-04-2020 - 10-31-2020
Online
USD5,299.00

ONLINE - Cyber Intelligence Tradecraft Certified Threat Intelligence Analyst from Treadstone 71.

Registration starts periodically as defined on the main Cyber Intelligence Training Center registration page.The online courses are instructor video and audio recorded with periodic direct interaction with the instructor via online web meetings. The instructor will have standard office time for question and answer as well as regular access via class email and other messaging options.

Validated and registered students will receive login and preparation information 1 week prior to class start. Prospective students must send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. from a corporate or government account to validate course eligibility before registration. (Corporate accounts are not Gmail, Hotmail, Yahoo, Mail, Hushmail, Protonmail, and the like). Treadstone 71 reserves the right to restrict course registration based upon certain risk factors.

Treadstone 71 gives you any time, anywhere access to the most intensive, intelligence community validated training. Our courses follow standards only taught in the US Intelligence Community fully adapted to the cyber environment. Our class have been taught online since 2008 and are taught intelligence community professionals 

All Treadstone 71 courses include:

  • A minimum of 8 weeks of online access easily extended
  • Hands-on case studies using cyber OPSEC methods for passive collection against adversaries
  • Certified Cyber Threat Intelligence program
  • 40 CPEs
  • Courseware and materials
  • High-quality recorded instruction
  • Direct access to the instructor
  • Access to cyber intelligence program templates and forms

We are no longer accepting registration for this event

05
Sep
2020

SIGS Switzerland Cyber Intelligence Training

09-05-2020 - 11-21-2020
Online
USD5,299.00
SIGS Switzerland Cyber Intelligence Training

ONLINE - Cyber Intelligence Tradecraft Certified Threat Intelligence Analyst from Treadstone 71.

EARLY BIRD DISCOUNT THROUGH JUNE 5 ($459.00 OFF THE RETAIL PRICE) Enter SIGS-EarlyBird at checkout.

Registration starts periodically as defined on the main Cyber Intelligence Training Center registration page. The online courses are instructor video and audio recorded with periodic direct interaction with the instructor via online web meetings. The instructor will have standard office time for question and answer as well as regular access via class email and other messaging options.

Validated and registered students will receive login and preparation information 1 week prior to class start. Prospective students must send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. from a corporate or government account to validate course eligibility before registration. (Corporate accounts are not Gmail, Hotmail, Yahoo, Mail, Hushmail, Protonmail, and the like). Treadstone 71 reserves the right to restrict course registration based upon certain risk factors.

REGISTRATION REQUIREMENT: A VALID COMPANY EMAIL ADDRESS - ANY REGISTRATION OUTSIDE THIS REQUIREMENT WILL BE REJECTED. DO NOT REGISTER WITH GMAIL, HOTMAIL, OUTLOOK, YAHOO, PROTONMAIL, MAIL, TUTANOTA OR ANY TEMPORARY OR NON-GOVERNMENT OR COMPANY EMAIL. COMPANY MUST BE LEGITIMATE. THE ORGANIZATION MUST NOT BE TIED TO AN ADVERSARY GOVERNMENT OR ORGANIZATION.

We are no longer accepting registration for this event

16
Nov
2020

Strategic Intelligence - Forecasting, Estimates, and Warnings

11-16-2020 - 11-20-2020
$5,299.00

The Strategic Intelligence Analysis, Forecasting, Estimative, and Warning Intelligence

course follows the iterative processes of the intelligence lifecycle. Strategic analysis requires a breakdown of the complexity’s analysts face during data examination. Keeping the analysis and results relevant is difficult. Analysts need to find ways to organize, rank, and present their findings. Analyst’s always keeping a close eye on what the findings will mean to the stakeholders.

Stakeholders need to understand that analysts always work with incomplete and fragmented data. Adversaries work hard to deny analysts the data. Their methods include various types of deception. This course provides analysts with a framework reducing many of the problems faced with fragmented data.

This course covers the following non-inclusively:

Strategic Intelligence Analysis, Forecasting, Estimative and Warning Intelligence  Relevant actors and their capabilities
Data, Information, Knowledge, and Intelligence Inference
Knowledge Generation Adversary Courses of Action (CoA)
Explicitly versus Tacit Knowledge CoA advantages and disadvantages
Principles of Knowledge Management Likelihood and probability in Adversary CoA
Monitoring your Business Environment Patterns, Trends, Tendencies
Analysis Projects Estimative Intelligence 
Analysis Cycle The Role of Warning Intelligence
Briefing Key Warning Factors in Preparations
Collection Planning What Is Warning?
Collecting from Unsuspecting Sources Indicator Lists: Compiling Indications
Collection from Public Domain  Fundamentals of Indications Analysis
Collection from Images Use of Indicator Lists
Collection from Things Extracting Indications Data
Collection Outsourcing Indications Chronology
Analysis Specifics of the Analytical Method
Introduction How Might they Go to Cyber War?
Attributes of strategic analysis Cyber Order of Battle Methods
Collector - Analyst Relationship Analysis of Cyber Mobilization
Collector-Analyst Differences Recognition of Cyber Buildup
Corporate Alignment Preparation for Cyber Warfare
Organizing a Strategic Analysis Function Preoccupation of Leadership / Stakeholders
Organizing a solid team Cyber Readiness
Towards a world-class strategic analysis org Magnitude and Redundancy of Preparations
Profile of an analyst Cyber Wargaming
Forecasting What is a Cyber Wargame
Multiple Scenarios Generation Why run a Cyber Wargame
Scenario analysis Principal Factors in Timing and Surprise
Influencers Examples of Assessing Timing
Link Analysis and Centrality Warning is Not a Forecast of Imminence
Estimates for future planning The Problem of Deception                                 
Case Studies and Hands-on

This course teaches students how to think independently and stay away from the low-level tactical approaches we see in daily reports. Strategic, big-picture reviews and assessments that incorporate the social, technical, economic, military, political, legislative, educational, and security, plus demographics, religion and the psychometric (STEMPLES Plus) aspects of an adversary are lost in today's world of current news posing as intelligence.  Lecture, Hands-on, Apprenticeship, in-class exercises, student presentations, analytic products, templates, course material—40 CPEs. Books provided by Treadstone 71 with some required read-ahead activities.

Contact Treadstone 71 Today for all your Cyber Intelligence needs.

CONTACT US TODAY