Event details

Mandiant Academy Training Event

  • Course: Artificial Intelligence (AI) Advantage: Elevating Cyber Defense (on-demand)
  • Date: 3 months to complete from the date of enrollment (not from the date of first login)
  • Cost: $2,000 USD or 2 units
  • Delivery Method: On-demand (self-paced / web-based training)
  • Location: Mandiant Academy learning platform

At a glance

This 8-hour training track provides practical knowledge about how to leverage artificial intelligence (AI) to enhance cyber security defense. It emphasizes that understanding and utilizing AI is a necessity in today's rapidly evolving threat landscape. Participants explore use cases that focus on the improvements and efficiencies AI can deliver, demonstrating how AI can be a critical ally for all cyber security professionals, from front-line defenders to cyber threat intelligence (CTI) analysts.

Using industry standard tools, this track demonstrates the real-world applications of AI for cyber defenders, showcasing how it can automate repetitive tasks, analyze vast datasets for hidden threats, and provide insights that would be impossible for a human analyst to complete in a reasonable timeframe. The track is divided into 3 courses, each approximately 2-3 hours in length:

  1. Introduction to Artificial Intelligence (AI)
  2. Optimizing Common Intelligence Tasks
  3. Improving Complex Defender Problems

Course goals

After completing this course, learners should be able to:

  • Explain the difference between AI, GenAI, Machine Learning (ML), and Large Language Models (LLMs).
  • Identify the strengths and weaknesses of prompt engineering, as well as how to use it more effectively.
  • Use Google's powerful suite of AI tools such as Gemini, NotebookLM, and Colab.
  • Recognize some of the risks of using AI and LLMs in your organization.
  • Describe the basic operations of using AI to improve several cyber defender tasks, including:
    • Improving internal collection techniques
    • Collation and aggregation of intelligence feeds
    • IOC consumption, extraction, and analysis
    • Generation of intelligence requirements to drive downstream intelligence activities
    • Intelligence outcomes including research, writing, and summarizing
    • Preliminary malware analysis
    • Identification of vulnerabilities
    • Use of AI user agents to execute repeatable intelligence processes

Course outline

The Track consists of the following courses, with demonstrations included throughout.

  1. Introduction to Artificial Intelligence (AI): This course introduces the core terminology associated with AI and discusses foundational knowledge every analyst should have to be successful when using it. Notable Google GenAI tools are introduced, and high-level risks and responsible use are outlined. An overview of prompting sets the stage for further use cases.
  2. Optimizing Common Intelligence Tasks: This course highlights how AI can help improve the efficiency, accuracy, and speed of common intelligence tasks: research, writing, and summarizing intelligence reports. This course aims to reduce the manual load often associated with intelligence production.
  3. Improving Complex Defender Problems: This course discusses the various ways in which cyber security defenders can leverage AI in their roles, including collection, organization, consumption, and analysis. This course aims to dig into specific functions across the intelligence lifecycle and demonstrate where AI can add significant value in terms of efficiencies, accuracies, and productivity.

Who this course helps

This course was designed by cyber security professionals for cyber security professionals, from front-line defense to cyber threat intelligence (CTI) analysts. The track is specifically designed for those who wish to use AI to generate immediate efficiencies within their current or planned work processes. 

Participant requirements

This course assumes the following:

  • Participants understand fundamental topics and terminology within cyber security, including the general roles and responsibilities of security functions such as a security operations center (SOC), incident response (IR), cyber threat intelligence (CTI), and vulnerability management.
  • Participants understand foundational intelligence terms and concepts such as what constitutes a threat, how cyber threats broadly impact computing operations, and the damage cyber threats can inflict upon businesses.
  • Participants have a working knowledge of core intelligence principles such as analytical tradecraft, the intelligence lifecycle, and operational elements that combine to produce and consume intelligence, including research and writing.  Participants are also familiar with the risks involved in poor intelligence practices and misaligned tradecraft, including the damage that inaccurate and misleading intelligence can have to key stakeholders and the issuing organization.

Those who do not feel confident about their foundational knowledge or experience of these subjects should not be discouraged from returning to complete the track eventually. To upskill, we recommend taking one of the many intelligence fundamentals courses available at Mandiant Academy.

Duration

8 hours on-demand (about 2-3 hours per module)

What to bring

Participants should bring their own laptop computer with the latest browser of choice and the ability to connect to the internet. Participants do not require access to the tools demonstrated in this track; however, access to the tools will significantly improve the learning experience and knowledge retention.