Pattern Recognition and Profiling

CyberDefenses Academy



Available Upon Request


Available Upon Request

Delivery Method



Certification of Completion

Audience / Level



Intro to Structured Analysis


Laptop required

Course Details

Program Introduction

A challenge in cybersecurity is resolving the data-overload. Security device after security device hoards data and it becomes an enormous burden to sift through the noise to detect useful data and analyze it. Finding and employing the right patterns to segment and sort data into manageable chunks becomes the challenge.

Mining data to find patterns and validating patterns from collections data are two approaches to pattern discovery. Another is profiling, which in the information sciences sense is finding correlations between data to identify and represent a person, object, group or event.

In this course, students are introduced to the process of finding and recognizing patterns via a series of labs. Each has a separate focus on a cybersecurity topic, where patterns and profiles will play a key part.

Course Objectives

  • It’s designed for those with a background in threat intelligence with a need for greater understanding and practical application of profiling and pattern recognition.
  • It conveys the necessary concepts, principles and terms to lay down a solid foundation.
  • It is a comprehensive course for those with an interest in Pattern Recognition & Profiling.

Target Student

  • Individuals desiring a better understanding of Pattern Recognition & Profiling.
  • Professionals who deal with technical issues, but feel they do not have enough background in recognizing and defining patterns or profiling.
  • Technical professionals that need to be armed with greater knowledge of incident response, pattern recognition, profiling, and their role in resolving incidents.


Monty St John
Monty St John is a computer science and information security expert, U.S. Navy and U.S. Air Force veteran, certified instructor, and author of dozens of classes for CyberDefenses. He has assisted numerous companies build and accredit laboratories, threat teams, and security operations centers. He’s also a prolific writer with two upcoming technical volumes set for 2018; Game Designer and Speaker. Learn more about Monty St John

Additional Information

  • Laptop required
  • Requires basic knowledge of computers, technology and command line interface (CLI)
    • Open and operate browsers
    • Find and use command line
    • Execute scripts
  • Prior threat intelligence, incident response, infosec, or forensics experience a plus
  • Understanding of virtual machines (VM) and how to use one.
    • Understand how to import and power on a VM

Course Outline

  • Introduction
  • Patterns & pattern recognition
    • Defining patterns
    • Discovery methods
      • Supervised (bottom-up)
      • Unsupervised (top-down)
  • Profiling
    • The Process
    • Individual profiles
      • Digital Shadows
    • Group profiles
      • Distributive
      • Non-distributive
    • Fine Tuning
  • Tips and Tricks
  • Case Study: Profiling Adversaries
  • Wrap-up & Close