About this Course

Time Commitment: Approximately 12-14 hours

The Diamond Model of Intrusion Analysis is a landmark cybersecurity work and recognized by the community as one of the key resources for all cybersecurity analysts to understand.  This course is for all cybersecurity analyst experience levels.

Taught by the primary Diamond Model creator, this is the definitive course on the subject.  Structured as a rigorous graduate course with a significant amount of related readings, thought exercises, practical exercises, and regular quizzes, this course will take an analyst at any level and grow their capabilities and abilities.

After this course analysts will have a fresh and advanced perspective on every analytic problem and task.

  • Understand and gather key analytic requirements
  • Define achievable and testable analytic problems
  • Enrich knowledge and intelligence with external sources
  • Hunt threats using 720 different techniques
  • Integrate the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK framework to understand any cyber threat
  • Correlate malicious events across incidents to identify campaigns
  • Define new threat groups
  • Attribute threat groups using correlation
  • Identify and fill detection gaps
  • Measure detection coverage
  • Create effective detection and mitigation strategies to better protect any organization
  • Disrupt malicious activity using 12 new strategies


The course concludes with a final exam of 30 questions requiring a 70% or better passing grade. A passing grade will result in certifying the student in Diamond Model analysis and an associated certificate.

The course material and exam is available to students for 364 days after purchase.

Reviews

5 star rating

Great course for both beginners and people who are famili...

Sherman Chu

Sergio Caltagirone has not only made what is within the original paper very digestible, but he also further expands upon the key concepts of the diamond mode...

Read More

Sergio Caltagirone has not only made what is within the original paper very digestible, but he also further expands upon the key concepts of the diamond model. I have read the paper a handful of times before this course. Coming out of it, I can confidently say that my understanding of the diamond model has deepened and will be implementing some of the key takeaways that I have gained within our CTI team.

Read Less
5 star rating

Highly recommended course for all interested or working i...

Timo Jobst

I started the course because I was always interested in the Diamond Model but never read the complete paper only the summary document. The combination of sp...

Read More

I started the course because I was always interested in the Diamond Model but never read the complete paper only the summary document. The combination of split reading the document in several sessions, additionally reading other really good and relevant papers and finally explaining everything in between in short videos is a perfect way to teach and learn. Seeing how this model can be used together with the Cyber Kill Chain and the MITRE ATT&CK framework and how they complement each other is really great. Attending this course was fun and boosted my level of knowledge.

Read Less
5 star rating

Sensational

Ricardo Silva

One of the best courses I have ever taken in my career. Totally disruptive !!!

One of the best courses I have ever taken in my career. Totally disruptive !!!

Read Less
5 star rating

Mandatory training for CTI Analysts!

Przemyslaw Skowron

Diamond Model of Intrusion Analysis training is one of the best on my CTI training path so far, and I highly recommend it for all Analysts and Managers in ...

Read More

Diamond Model of Intrusion Analysis training is one of the best on my CTI training path so far, and I highly recommend it for all Analysts and Managers in this field. Regardless of what you are focused on, Requirements, Collection, Analysis or Writing Intel products. It is good training for people from the DFIR field as well - Threat Hunters, Incident Responders. I've read the Diamond Model paper before the course, I even used it with my approach, figuring out how to leverage strong sides of the model, but it has a source in my previous experience, not the training. With Sergio's (trainer) guidance, comments, exercises (+explanation!), which allows settling the Diamond Model in my world, I'm much more familiar and aware of the co-author's philosophy, purposes, powers and limitations of the model. The course is worth much more than the current price. Thank you, Sergio!

Read Less
5 star rating

Diamond Model in depth

Andrea Garavaglia

Who do you want to learn how to master the Diamond Model from if not from one of its creators? I recommend this course to all CTI analysts. Thanks to Sergio...

Read More

Who do you want to learn how to master the Diamond Model from if not from one of its creators? I recommend this course to all CTI analysts. Thanks to Sergio for that.

Read Less

Ready for Free Trial?

Enroll now in a no-obligation trial of the course with access to some of the course lessons.

Course curriculum

    1. Welcome Letter

    1. How to use this course

    1. Read Diamond Model Sections 1-3 pages 1-8

    2. Diamond Model Overview

    3. Test your learning

    1. Prerequisite: Read Section 4 pages 8-19

    2. Diamond Model Event

    3. Diamond Meta-Features

    4. Test your learning

    1. Read Diamond Model Section 5 pages 19-24

    2. Extended Diamond Model Overview and Social-Political Feature

    3. Persistence and Victimology

    4. Technology Diamond Feature

    5. Test your learning

About this course

  • $799.00
  • 80 lessons
  • 6.5 hours of video content

Instructor(s)

Lead Instructor Sergio Caltagirone

Sergio Caltagirone has been called the "Godfather of Threat Intelligence" having built over a dozen threat intelligence teams in both public and private sector and leading the development of threat intelligence worldwide with hundreds of publications and presentations. He co-created the Diamond Model of Intrusion Analysis, helping thousands of others bring more pain to adversaries by strengthening hunters and analysts. He spent 9 years at the US National Security Agency as their lead threat intelligence analyst hunting and tracking the world's most sophisticated threats. He left NSA to build Microsoft's threat intelligence capability and practice protecting over 1 billion customers from cyber threats. Now, Sergio leads the world's only dedicated industrial control system threat intelligence team at Dragos protecting electric power grids, water systems, oil and gas plants, and manufacturing worldwide. He furthers several humanitarian goals through membership on the International Committee of the Red Cross cybersecurity experts committee and serving as Technical Director for the Global Emancipation Network combating human trafficking on the internet globally.

Want to get updates about this course?