Hasso-Plattner-InstitutSDG am HPI
Hasso-Plattner-InstitutDSG am HPI

Cyber Threat Intelligence (Wintersemester 2021/2022)

Lecturer: Prof. Dr. Christian Dörr (Cyber Security - Enterprise Security)

General Information

  • Weekly Hours: 4
  • Credits: 6
  • Graded: yes
  • Enrolment Deadline: 01.10.2021 - 22.10.2021
  • Teaching Form: Lecture / Exercise
  • Enrolment Type: Compulsory Elective Module
  • Course Language: English

Programs & Modules

Cybersecurity MA
Data Engineering MA
  • DSEC-Konzepte und Methoden
  • DSEC-Techniken und Werkzeuge
  • DSEC-Spezialisierung
Digital Health MA


In order to build up an effective cyber defense, an organization needs to have deep insights into the cyber threat landscape and the adversaries that are potentially targeting it. This course covers the theory and practice of cyber threat intelligence (CTI), the discipline to collect and analyze data about adversaries and turn it into actionable decision making. Throughout the course, you will learn about

- key concepts and terminology of CTI
- the current cyber threat landsacpe, current actor groups
- techniques for threat modeling
- standards and description languages to encode threat intelligence in a machine-readable format
- methods and tradecraft to collect and analyze threat intelligence
- aspects to integrate CTI into an organization's business processes for maximum impact.

During the block course, we will cover background and theory as well as investigate these concepts in case studies. In five assignments, you will turn these concepts into practice using industry-standard tooling. 


Prior participation in network security and/or cyber security management is recommended.


Reading assigned in course.


Lecture and Exercises / Assignments


After the block course, you will get a series of assignments where you will practically implement and experience the concepts covered during the lecture. You have until the end of the term to complete them, the final grade is computed as the average of these assignments.


Moodle course page: 

Block course on premise.