Our Certification is a practical examination by Recorded Future Senior Threat Intelligence Analysts in line with pre-established criteria for determining proficiency in Recorded Future. Successful candidates will demonstrate clear and thorough knowledge of threat intelligence principles through the configuration of Threat Views, data visualization and export, and successfully identifying necessary information from a set of intelligence requirements, within a given time. Successful candidates will receive a certificate of course completion, Recorded Future Certified Analyst numbered certificate, and are able to use the Recorded Future Certified Analyst emblem on their physical and digital resume.
Please view the Recorded Future Course Catalog here. The Certified Analyst InfoSheet is attached at the bottom.
Please contact your Intelligence Services Analyst to register.
A successful candidate will demonstrate:
- Ability to define threat intelligence and related concepts and terms, including sources, methods, threat vectors, threat actors, vulnerabilities, assets, and risk.
- Familiarity with common threat models and ontologies, including the Intelligence Cycle, Cyber Kill Chain, the Diamond Model, and the Pyramid of Pain.
- Working comprehension of analysis fundamentals, process, and analytic methods, including opportunity analysis, lynchpin analysis, Analysis of Competing Hypotheses.
- Functional understanding of open sources information and intelligence resources, including technical reporting, open source tools and sites, news sources, social media, and community oriented reporting resources, such as VirusTotal and Malwr.com.
- Competency in Recorded Future product navigation, iconography, features, and support resources.
- Proficiency in configuring Recorded Future towards your organization’s strategic, tactical, and operational goals.
- Working knowledge of Threat Views Global views, including the purpose and constraints of columns, cyber threat signal.
- Configuration of Threat Views using Watch Lists, including threat monitoring of brand, software assets, logical assets, industry vertical, and relevant cyber attack attributes, including attackers, threat vectors, vulnerabilities, targets, and named operations.
- Working knowledge of Intelligence Cards, including risk scoring and risk rules, reference counts, context entities, pivots to visualizations, and data exporting options.
- Setup and use of OMNI Intelligence Partner Extensions within applicable Intelligence Cards, including Intelligence Partner organizations and capabilities.
- Strong proficiency with Recorded Future table view and orienting the reference table to identify key references and entities of interest via the entity tree,.
- Proficiency in orienting and annotating the timeline view through group and color settings, and modifying the timeline of events.
- Understanding of Source Map, including major source types in Recorded Future, sources and authors, and language collection.
- Working competency of Search and Advanced Search to surface appropriate IOCs, vulnerabilities, malware, and threat actor Intelligence Cards
- Research and enhance pivots from pre-built queries, and modifying queries for clarity.