Certified Threat Intelligence Analyst (CTIA)
The EC-Council Certified Threat Intelligence Analyst (CTIA) is a specialist certification that trains professionals to produce, consume, and operationalise cyber threat intelligence. CTIA covers the full intelligence lifecycle — from data collection and processing through analysis and dissemination — and integrates frameworks like MITRE ATT&CK, STIX/TAXII, and Cyber Kill Chain. It is ideal for analysts who want to proactively defend organisations by understanding adversary tactics, techniques, and procedures (TTPs).
What is the Certified Threat Intelligence Analyst (CTIA)?
The EC-Council Certified Threat Intelligence Analyst (CTIA) is a specialist certification that trains professionals to produce, consume, and operationalise cyber threat intelligence. CTIA covers the full intelligence lifecycle — from data collection and processing through analysis and dissemination — and integrates frameworks like MITRE ATT&CK, STIX/TAXII, and Cyber Kill Chain. It is ideal for analysts who want to proactively defend organisations by understanding adversary tactics, techniques, and procedures (TTPs).
Who Should Take This Course?
- Threat Intelligence Analysts and Researchers
- SOC Tier 2 and Tier 3 Analysts expanding into threat intel
- Incident Responders and Digital Forensics professionals
- Security Architects and Vulnerability Management teams
- Red and Blue Team members seeking intelligence-driven approaches
- Risk and Compliance Officers managing threat landscapes
- Anyone targeting roles in cyber threat intelligence (CTI)
What You Will Learn in the CTIA Course
A comprehensive curriculum covering all exam objectives with hands-on labs and real-world practice.
Threat Intelligence Fundamentals
Understand the core concepts, types, and value of cyber threat intelligence.
- Types of threat intelligence: strategic, tactical, operational, technical
- Threat intelligence lifecycle: collection to dissemination
- Intelligence requirements and stakeholder communication
- Threat intelligence maturity models
Cyber Threat Intelligence Frameworks
Apply industry frameworks for structured threat analysis.
- MITRE ATT&CK: tactics, techniques, and procedures (TTPs)
- Cyber Kill Chain and Diamond Model of intrusion analysis
- STIX/TAXII for structured threat information sharing
- CAPEC and CVE/CVSS for vulnerability intelligence
Threat Data Collection and Processing
Gather and process raw threat data from diverse sources.
- Open-source intelligence (OSINT) for threat research
- Dark web monitoring and underground forum analysis
- IOC collection from malware sandboxes and honeypots
- Threat intelligence feeds and commercial platforms
Threat Analysis and Attribution
Analyse threat data and attribute activity to threat actors.
- Adversary profiling and threat actor group tracking
- Campaign analysis and intrusion set correlation
- Malware family identification and tracking
- Attribution methodologies and confidence levels
Threat Intelligence Platforms and Automation
Leverage platforms and automation to scale intelligence operations.
- Threat intelligence platforms (TIPs): MISP, OpenCTI, ThreatConnect
- Automating IOC enrichment and threat hunting queries
- Integrating threat intel into SIEM and SOAR platforms
- Creating automated intelligence workflows
Threat Intelligence Reporting and Dissemination
Communicate intelligence findings to diverse audiences effectively.
- Writing tactical, operational, and strategic intelligence reports
- Threat briefings for executive and technical audiences
- Sharing intelligence via ISACs and information sharing communities
- Measuring the impact and quality of threat intelligence
Course Prerequisites
Pre-requisites training is free when you purchase the course from ProSupport
- Understanding of networking concepts and common protocols
- Familiarity with cybersecurity fundamentals and attack types
- Basic knowledge of SIEM and log analysis
- CEH or CompTIA Security+ experience beneficial but not required
- At least 2 years of IT security experience recommended
Exam Information
Everything you need to know about the CTIA certification exam.
| Exam Component | Details |
|---|---|
Exam Name | Certified Threat Intelligence Analyst |
Exam Code | 312-85 |
Exam Type | Multiple Choice |
Total Questions | 50 |
Passing Score | 70% |
Exam Duration | 120 minutes |
Language | English |
Exam Provider | EC-Council / Pearson VUE |
Exam Focus | Threat intelligence lifecycle, frameworks (MITRE ATT&CK, Kill Chain), data collection, analysis, attribution, and reporting |
Exam Registration | EC-Council Exam Center (eccouncil.org/programs/certified-threat-intelligence-analyst-ctia/) |
Retake Policy | EC-Council retake policies apply; additional exam fee required |
Certification Validity | 3 years (120 ECE credits for renewal) |
Exam Topics
Training Plans
Select the plan that matches your career goals
Basic
Certification Program
- Certification syllabus training
- Private instructor-led live classes
- Hands-on labs
- Practice exams
- Certification exam guidance
Pro
Certification + Projects
- Everything in Basic
- Real-world industry projects
- Case studies
- GitHub portfolio project
- Assignment reviews
- Capstone mini project
Premium
Career Acceleration
- Everything in Pro
- Resume building
- LinkedIn profile optimization
- Interview preparation
- Mock interviews
- Career mentoring sessions
- Capstone project
- Certification exam strategy
- Industry use-case training
Need custom enterprise pricing? info@prosupportconsulting.in
Learning Path
Your certification journey — from prerequisites to advanced roles.
CTIA — Certified Threat Intelligence Analyst
Related Certifications
Ready to Get Certified?
Start your Certified Threat Intelligence Analyst (CTIA) journey with private 1-to-1 training from certified industry developers.