Matthew Lamanna, Attilio Bonaccorso - Cyber Threat Intelligence Analysis (CTIA) by Deloitte - DCTLV2025
Name of Training: Cyber Threat Intelligence Analysis (CTIA) by Deloitte
Trainer(s): Matthew Lamanna and Attilio Bonaccorso
Dates: August 11-12, 2025
Time: 8:00 am to 5:00 pm PT
Venue: Las Vegas Convention Center
Cost: $1,900
Course Description:
This course presents the fundamentals of cyber threat intelligence (CTI) and guides analysts in the application of intelligence to defensive operations. The threat environment is growing more complex and correspondingly, costs to businesses affected by malevolent activity are also increasing. As malicious software incorporates more advanced counter-detection techniques, standard anti-virus (AV) software and intrusion detection and prevention systems (IDS/IPS) become less effective. Allow lists and sandboxing technologies may mitigate many host-based attacks, but additional analysis and attribution methodologies of advanced actors are needed to identify and prioritize threats to the network.
This course applies the intelligence cycle to the full-spectrum exercise of proactive network defense. When properly employed, this process fosters a cyber environment of pre-emptive action. Network defenders and operators are provided with the required necessary tactics, techniques, and procedures (TTPs) to generate timely and relevant intelligence. Such intelligence informs stakeholders and applies network fortifications before compromise.
Course Outline:
Day 1:
Module 1: Introduction to Cyber Threat Intelligence (CTI)
Module 2: CTI Lifecycle
Module 3: Data Sources for CTI
Module 4: Tools and Techniques
Module 5: Hands-on Lab: OSINT Data Collection
Day 2:
Module 6: Threat Intelligence Analysis
Module 7: MITRE ATT&CK & D3FEND Framework
Module 8: Operationalizing CTI
Module 9: Advanced Topics in CTI
Module 10: Hands-On Lab: Real-World Threat Scenario
Capstone exercise
Difficulty Level:
Beginner
Suggested Prerequisites:
There are no prerequisites for this class.
What Students Should Bring:
Participants will need to bring their own device with a modern web browser / keyboard. Having the tools Maltego and Spiderfoot downloaded and installed would be preferrable.
Trainer(s) Bio:
Matt “Tri Star” Lamanna is a retired Master Sergeant, USAF. During active duty Matt spent 15 years as a Signals Intelligence Analyst, and 5 years offensive cyber operator/cyber threat intelligence analyst. For the past 6 years at Deloitte he has been a defensive cyber operations integration expert supporting Space Systems Command, Prototype and Innovation Delta on Kirtland AFB, NM. Matt’s also deputy program manager for a USSF SPICES contract overseeing a cyber threat intelligence team supporting the USSF Delta 6 SOC. He is also part of the PMO for Deloitte’s US Cyber Capture the Flag portfolio. Lastly, Matt is a CTIA curriculum developer and instructor as part of Deloitte’s Advanced Cyber Training portfolio.
Attilio Bonaccorso is a Specialist Master in Deloitte’s Cyber Detect & Respond offering, with 20 years' experience in Cyber Threat Intelligence and Intelligence Analysis. He is a former Intelligence Community member with the National Security Agency, the Office of the Director of National Intelligence, the National Counterintelligence Executive Office, Fleet Cyber Command, and the National Security Council as Director of Cybersecurity in President Obama's administration. Over the course of his career he specialized in SIGINT Development, as well as cyber policy, and was an NSA Adjunct Faculty member. Attilio is also a former professor from American University in Washington, DC where he taught Cybersecurity Risk Management. Attilio holds a Master’s Degree in Electrical Engineering with focuses in Cyber warfare and Cybersecurity from the Naval Postgraduate School, and a Master’s Degree in Diplomacy from Norwich University with a focus in Terrorism.
Deloitte is recognized as a global leader in Security Consulting, Cybersecurity Incident Response Services, Managed Cloud Services, and Strategic Risk Management Consulting. Deloitte is considered one of the “Big Four” accounting firms and is the largest professional services organization in the world.
Registration Terms and Conditions:
Trainings are refundable before July 8, 2025, minus a non-refundable processing fee of $250.
Trainings are non-refundable after July 8, 2025.
Training tickets may be transferred. Please email us at training@defcon.org for specifics.
If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).
Failure to attend the training without prior written notification, will be considered a no-show. No refund will be given.
By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.
Several breaks will be included throughout the day. Please note that food is not included.
All courses come with a certificate of completion, contingent upon attendance at all course sessions.
Training Justification Request – DEF CON Training
To: [Manager Name]
From: [Employee Name]
Date: [Date]
Subject: Business Justification for Attendance at DEF CON Training
Dear [manager’s name],
I am requesting approval to attend DEF CON Training, one of the cybersecurity industry's most recognized technical training programs. I’ve reviewed the options and selected a course to expand my skills with [1-2 key skills focus areas for the course].
DEF CON has been one of the world’s leading cybersecurity communities for more than three decades, known for convening industry, government, and independent experts to exchange advanced knowledge and practical skills. Building on this tradition, DEF CON Training delivers intensive courses taught by recognized global instructors. DEF CON Training courses offer hands-on instruction in a challenging, fast-paced environment. Many of the courses offered by DEF CON Training align with the National Institute of Standards and Technology (NIST) NICE Framework and Department of Defense Cyber Workforce Framework (DCWF), and attending this course will help me build and sharpen the skills required for my role.
Training: [Name of DEF CON Training Course]
Instructor/Provider: [Trainer Name(s)]
Dates: [Training Dates]
Location: Las Vegas, NV
Cost: [Course Fee]
Travel Expenses: [estimated travel & accommodations costs]
Course Description: [Copy short description of the selected class from the website here]
Trainer Bio: [Copy bio of the trainers of the selected class from the website here]
Once I’ve completed the course, I’ll be able to:
[copy student outcomes from course page where available or choose 3-4 skills or topic areas from the outline that are applicable to your current role, will help you fill a skill gap, etc.]
Business Need
As cyber threats continue to evolve, it is critical that our organization maintains current knowledge of emerging techniques and industry best practices. The selected DEF CON training aligns directly with my responsibilities in [your role/field here - for example, security operations, incident response, threat detection and hunting, application security, cloud security, risk management, security engineering].
The course will provide practical, hands-on experience that can be immediately applied to our environment and security initiatives. DEF CON training emphasizes real-world attack and defense scenarios, enabling participants to develop skills that extend beyond traditional classroom learning.
Request for Approval
I respectfully request approval and funding to attend DEF CON Training this August in Las Vegas. The knowledge, hands-on experience, and industry insights gained will directly support our cybersecurity objectives and contribute to strengthening our organization's security capabilities.
Thank you for your consideration. Please let me know if you have questions or need additional information to support this request.
Sincerely,
[Employee name]