The CTI Analyst Challenge

Welcome to the Cyber Threat Intelligence (CTI) Analyst Challenge! 

I am excited to introduce a comprehensive repository designed to enhance the skills and expertise of CTI analysts through a challenging and engaging intelligence analysis exercise.


This repository was created to test and improve the capabilities of CTI analysts by providing a structured challenge that covers both proactive and reactive CTI tasks. It aims to simulate real-world scenarios and offer hands-on experience in fulfilling a demo client's Priority Intelligence Requirements (PIRs) and Requests for Intelligence (RFIs).

Key Features

  • Self-Directed Challenge: CTI analysts are provided with instructions and resources to independently navigate through the tasks, encouraging self-discipline and critical thinking.
  • Realistic Scenarios: The tasks are based on situations inspired by real-world events, making the training highly relevant and practical.
  • Comprehensive Training Materials: The repository includes all necessary resources and guidance to assist analysts in completing the challenge effectively.

Recommended Usage

CTI teams are encouraged to use this free training repository in internal workshops led by managers or team leaders. These workshops can serve as an excellent platform to:
  • Discuss and Analyze Results: Review written reports generated by team members and discuss their findings in the context of real-world scenarios.
  • Identify Knowledge Gaps: Use the outcomes of the exercises to pinpoint areas where further training and knowledge enhancement are needed.
  • Foster Team Collaboration: Encourage collaboration and knowledge sharing among team members to build a stronger, more cohesive CTI team.

Take advantage of this resource to sharpen your CTI skills and elevate your team’s proficiency in handling complex intelligence challenges. Happy analyzing!

You can find The CTI Analyst Challenge on my GitHub repository below:
