Foundation Level Cyber Threat Intelligence 101 course badge


The Cyber Threat Intelligence 101 course is designed as a short introduction to cyber threat intelligence. This course also serves as a taster of our much larger CREST CPTIA preparation course; Cyber Threat Intelligence Practitioner.

In this course you will be given a foundation level of knowledge in a sub-section of basic CTI concepts. You can expect to learn about:

  • Threat actors / vectors
  • The Intelligence lifecycle
  • Legal and ethical considerations surrounding CTI

All arcX training courses begin with a baseline assessment and end with a final examination. Those who successfully complete the final exam will be awarded the arcX Foundation Level Threat Intelligence Analyst (FTIA) certification.

This course is not a study guide for the CREST Practitioner Threat Intelligence Analyst (CPTIA) examination, those wishing to take their CPTIA examination should consider our Cyber Threat Intelligence Practitioner course.

Study at your own pace

With our online self-directed training courses you're in charge of how quickly or slowly you work through the content.

Learn on the move

The arcX platform has been designed to work on most mobile devices, so you can keep moving and keep learning.

Challenge yourself

With rigorous testing throughout our courses, you'll have the opportunity to continually improve, and measure improvements against past performance.

Certified excellence

Our courses aren't just good, they're excellent and we are a CREST Approved Training Provider.

  • 100% online and on-demand self-study course
  • 4+ hours of training content
  • Includes 2.5+ hours of video training
  • Engaging exercises
  • 100+ practice questions
  • arcX final micro exam

Course Delivery

The Cyber Threat Intelligence 101 training course is the equivalent of a 1 day classroom course. The training is delivered online using the power of the arcX platform with the added benefit of being able study at your own pace, online and through a range of training resources

Video Content

Video is the primary delivery method of the arcX Cyber Threat Intelligence 101 training course. There are a total of 11 videos to watch totalling roughly 2.5+ hours


Expect to find plenty of tests within this course! Using our bespoke testing engine, you will recieve both free-form and adapting testing throughout designed to help consolidate learning and continually challenge your ability.

Practical Exercises

This course comprises of 4 exercises ranging from micro exercises taking a few minutes to complete up to full research projects taking hours. All exercises are designed to help you assess how well you have grasped a concept.

Additional Reading Material

The course includes downloadable reports and research papers that will reinforce the concepts taught.

arcX Final Exam

The Cyber Threat Intelligence 101 course culminates in a final challenging exam designed to test your knowledge and skills.

The exam is made available upon marking 95% of the course content complete.

The course also includes one free exam retake. Why not unlimited retakes? Because we want you to learn the content, not how to pass our test.

Those attaining the required pass mark will be awarded with an arcX Foundation Level Threat Intelligence Analyst (FTIA) Certificate.

arcX Certificate

What will this course teach me to do?

This course will provide a very basic introduction to cyber threat intelligence, touching on some useful concepts. The course is intended as a taster course for our much larger and in depth Cyber Threat Intelligence (CTI) Practitioner course but it should provide you with some useful information about the role of a CTI analyst

By the end of this course you will be capable of:

  • Explaining how CTI is used within an organisational context
  • Discussing the different types of threat actors and the impact they can have on organisations and individuals
  • Explaining what the attack surface of an organisation is and what some of the most common threat vectors are
  • Explaining what the intelligence cycle is and how it is used by CTI analysts to produce actionable intelligence for customers
  • Discussing the basic implications of legal and ethical morality on the day-to-day role of a cyber threat intelligence analyst

Who is this for?

A highly-beneficial course for those looking to enter the fray as a cyber threat intelligence analyst or for those already in the industry. It also serves as a complimentary course for all cyber security professionals looking to add additional skills, knowledge and insight to their day-to-day role. The perfect choice for:

  • People with no prior experience
  • Threat Intelligence Analysts
  • CREST exam preparation
  • Penetration Testers
  • SOC Analysts
  • Incident Responders
  • Non-technical managers
  • Cyber Security Enthusiasts
  • Board Executives

Course Syllabus

  • Section 1 - What is Cyber Threat Intelligence: In this section we will be introducing you to the concept of cyber threat intelligence and what it means.
  • Section 2 - What's in the name: In this section we will take a look at the words 'cyber', 'threat' and 'intelligence', and how they interact with each other.
  • Section 3 - How organisations use CTI: In this section we will break down the concept of cyber threat intelligence within the context of an organisation and explain how it can be used to stay ahead of the threat.
  • Section 4 - The Role of a Cyber Threat Intelligence Analyst: In this short section we will be exploring the role of a cyber threat intelligence analyst and what you can expect from a career in the industry.

  • Section 5 - Grey, White and Black Hat Hackers: In this section we will taking a look at the main categories of threat actors and how they differ.
  • Section 6 - Breaking Down Black Hat Hackers: We will be taking a more detailed look into nefarious hacking groups and their motivation, capability and infrastructure.

  • Section 7 - Threat Vectors and Vulnerability Types: In this short module we will be taking an initial look at common threat vectors that an organisation may face and develop your understanding of what an attack surface is.

  • Section 8 - Introduction to the Intelligence Cycle: In this module we will examine the foundation of cyber threat intelligence and discuss its use within an organisation.

  • Section 9 - Applying Law and Ethics to CTI: A look at how law and ethics relate to the world of Cyber Threat Intelligence.

Instructor Profile

Stewart Bertram

Stewart has worked within the field of Intelligence and Security for the past 18 years with experience across both the private and public sector. Starting his career in 2004 in the Intelligence Corps of the British Army, Stewart entered the private sector in 2009 and has held a number of roles in Cyber Threat Intelligence (CTI) since then. These have included product development, service delivery and consulting, with his most recent roles involving the management of specialist teams involved in research into the cyber criminal underground and nation state threat actors.

Holding both a Masters in Computing and a Master of Letters in Terrorism Studies from St. Andrews University. Stewart was also among the first in the world to pass the CREST Certified Threat Intelligence Manager (CCTIM) examination.

Stewart’s research interests and work have always sat at the intersection of technology, security and people focused issues. These unique areas of focus are bought to bare within his role at arcX, where he is responsible for the design and delivery of the core CREST related CTI courses and oversight of the wider Cyber Threat Intelligence stream.


  • 100% online and on-demand self-study course
  • 4+ hours of training content
  • Includes 2.5+ hours of video training
  • Engaging exercises
  • 100+ practice questions
  • arcX final micro exam

Buying in bulk? Contact us.

ernst and young ministry of defence ncc group uk government raytheon home depot