FISMA Training - The NIST Series

NIST is coming out with new standards, updates to existing guidelines and new guidelines at a much faster rate than in previous years. Threats continue to morph, audit requirements continue to become more stringent, and CyberScope questions and audit recommendations from the previous year are being addressed while the agency awaits the 'late' arrival of new CyberScope questions for the existing year (even 5 to 6 RMFmonths into the Fiscal Year).

As the new guidance from NIST is released, many organizations do not have time to review the extensive documents and come up with a strategy to apply the guidance to their particular environments. In addition, many government agencies are so large and decentralized that many key security and agency staff do not get the message on the new standards and guidance. They are too busy with their day-to-day jobs to spend time understanding what the new information means to them.

In response to these issues, Treadstone 71 created the FISMA Focused Role Based Training. For example, our training covers all aspects of how to apply the risk management framework (RMF) as defined in NIST Special Publication 800- 37Rev1. We cover the six steps (Figure 1), roles and responsibilities, as well as how to apply the into your systems/software development lifecycle. We provide training on security program assessments as outlined in 800-100; in-depth information on how to apply and build an enterprise integrated risk management program through all three defined Tiers (800-39); the new risk management process as defined in 800-30Rev1; and the most difficult that seems to be giving many organizations trouble - defining, applying and integrating continuous monitoring through all three Tiers and control types (managerial, technical and operational) so a cohesive approach is applied. We even provide training on how best to interface with the office of inspector general (OIG) and other auditors. Treadstone 71 believes this interface and relationship should be not only amicable but also symbiotic in nature.

Contract Treadstone 71 to find out how we can help you educate your staff, integrated the new guidelines while getting ready for the next OIG audit.

Call today 1-888-714-0071 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.

Search Our Site

Treadstone 71 YouTube Channel 



The Cyber Intelligence Training adds rapid returns to both Cyber Intel Analysts, and Security Ops Centers.  Each student receives quality instruction and hands-on experience with today’s OSINT tools and intelligence tradecraft.  This is necessary for anyone new to Cyber Intelligence and complimentary to any Security Operations within your enterprise. This 4.5-day class provides the student with the resources and fundamentals needed to establish cyber intelligence as a force as both a proactive offensive step and a counter intelligence-contributing arm of your larger team.  – Antonio 

Online Cyber Intelligence Training Center for online courses

Jan 14-18, 2019 Cyber Intelligence - Amsterdam, NL

Cyber Intelligence Tradecraft Certification - Reston, VA March 4-8, 2019           

Cyber CounterIntelligence Tradecraft Certification - Reston, VA March 11-14, 2019

Intelligence Tradecraft - CounterIntelligence - Clandestine Cyber HUMINT  - Cyber Psyops - Persona Creation and Management - Cyber Influence Operations - Middle Eastern Cyber Warfare Tradecraft

Blended courses - Courses on demand - Courses developed per your needs, quietly and quickly

Students and organizations taught (non-inclusively): AIB, American Express, Capital One, NATO, Belgian Military Intelligence, Commonwealth Bank, Bank of America, ING, NCSC NL, Defense Security Services, PNY, Dell Secureworks, HPE Security, EclecticIQ, Darkmatter (AE), General Electric, General Motors, PNC, Sony, Goldman Sachs, NASA, DoD, East West Bank, Naval Air Warfare Center, VISA, USBank, Wyndham Capital, Egyptian Government, DNB Norway, Euroclear, Malaysian Cyberjaya, People's United Bank, Baupost Group, Bank of North Carolina, Fidelity Investments, Citi, Citigroup, T. Rowe Price, Wells Fargo, Discover, Blackknight Financial Services, Intercontinental Exchange (ICE), Citizens Financial Group, Scottrade, MetLife, NY Life, Synchrony Financial, TD Ameritrade, National Reconnaissance Office, FBI, Stellar Solutions, Lockheed Martin, Harvard Pilgrim, State of Florida, Deloitte, Ernst and Young, Mitsubishi, Tower Research, Geller & Company, KeyBank, Fannie Mae, BB&T, Aviation ISAC, JP Morgan Chase, Barclays, Nomura International, ING, Finance CERT Norway, BBVA, PenFED, Santander, Bank of America, Equifax, BNY Mellon, OCC, Verizon, Vantiv, Bridgewater Associates, Bank of Canada, Credit Suisse, HSBC, International Exchange, Vista Equity Partners, Aetna, Betaalvereniging Nederland, Dutch Police, non-inclusively (as well as several other firms by proxy as they hire qualified intelligence professionals trained by Treadstone 71).

Terms of Use - Privacy Policy - Course EULA



"Fantastic class that gets to the foundational aspects of traditional tradecraft. We studied hard examining recent attack campaigns. The analysis training prepared me for real-world efforts. Have to say this is one of the best classes I have ever taken having taken many from SANS.  SANS does not compare. They are more of a class mill today.  The Treadstone 71 course material is unique, focused, and timely."

“This is one of the best, if not the best, Cyber Threat Intelligence training course I've attended.”


Ironically, said Bardin, it was Stuxnet that led Iran to enhance its offensive capability: ‘If Stuxnet had happened to the US or UK, it would have been seen as an act of war. In Iran, it made them invest heavily in offensive cyber operations.’

He revealed that 18 percent of Iranian university students are studying computer science – a cyber warfare talent pool.

Treadstone 71 Interview - Daily Mail on Industrial Control System Hacks



Treadstone 71 Cyber Intelligence Services

Treadstone 71 at Blackhat


Treadstone 71 New Services - Analysis as a Service

Cyber Jihad - 2008-2011 Compilation Part 1

Cyber CoiunterIntelligence Doctrine

Iran Cyber Proxies and Capabilities 

The Irari Report

Gaming as a Method of Jihadist Training

Treadstone 71 Keynote

Treadstone 71 Fox News

Treadstone 71 Hacktivity