Organizations thrive on being able to make the best decisions possible with the best knowledge available. Advances in technology allow for more and more data to be collected inside and outside of a company. While technology has not replaced human intelligence, it has managed to augment it. With an even vaster amount of information at our disposal, the need to understand it in a meaningful way is even greater. Good analysis is the key here, with a focus on analyzing trends, creating predictive models and analyzing security information to build strong controls and mitigations to problems.
Once data collection has started, a means to gather and store the data in a way that it can be understood is critical. The process of storing and understanding data is called data mining, usually performed via a threat intelligence platform (TIP). Data is collected in different formats and may come with or without metadata or context. Profiling the data is where intelligence is fashioned from context-infused information and made available for action: the analyzed knowledge of the history and past interactions of adversaries shows what their next move may be.
This is a very hands-on class, where students are challenged via a series of labs to showcase their analysis and profiling skills. The labs are contained within multiple VMs, and students will mine, analyze and profile the data and then map it to known and suspected enemies to build a threat matrix.