The Certified Cyber Intelligence Analyst (CCIA) is a 52 CPE-credit, generative-AI-augmented training program that teaches OSINT collection, structured analytic techniques, bias mitigation, deception detection, and AI-assisted intelligence reporting across a 16-week self-paced path. Graduates produce decision-ready intelligence products under IAFIE-aligned standards and earn the Certified Cyber Intelligence Analyst credential recognized by federal agencies, defense contractors, and Fortune 500 security teams.
Price
$4,699 USD
Duration
16 Weeks
Format
Self-Paced Online
CPE Credits
52 Hours
Modules
15
Credential
CCIA
What You Will Learn
Core tradecraft delivered across 15 generative-AI-enhanced modules
- OSINT collection and source validation — disciplined collection planning, provenance controls, anonymous browsing tradecraft, and structured use of open sources
- Structured Analytic Techniques (SATs) — Analysis of Competing Hypotheses, Key Assumptions Check, Red Team analysis, Devil's Advocacy, and 30+ advanced techniques
- Cognitive bias mitigation — recognize and counter confirmation bias, anchoring, groupthink, and mirror imaging in analytic production
- Generative AI-assisted tradecraft — apply AI to source validation, draft reporting, bias detection, and forecasting without surrendering analytic judgment to the model
- Deception and denial detection — identify hostile information operations, deception planning, reflexive control, and adversary narrative engineering
- Adversary targeting and dossier development — build threat actor profiles, map APT group capabilities, and assess intent and motivation
- Intelligence reporting standards — BLUF and AIMS frameworks, ICD 203 tradecraft compliance, confidence language, and warning indicators
- Operational security (OPSEC) — persona construction, infrastructure hygiene, attribution defense for collection operations
What You Will Be Able To Do After
Concrete operational capabilities upon completion
- Produce intelligence assessments that meet IAFIE and ICD 203-equivalent tradecraft standards under operational deadlines
- Plan and execute multi-source OSINT collection operations with documented provenance and source-reliability grading
- Apply SATs to high-stakes assessments, including ACH and structured red-team analysis for contested judgments
- Build and brief adversary dossiers covering capability, intent, opportunity, and indicators of change
- Detect and document hostile influence operations, narrative manipulation, and cognitive warfare campaigns targeting your organization
- Integrate generative AI into the intelligence production workflow as an analytic accelerator while preserving human judgment
- Write and brief intelligence products to executive, operational, and tactical audiences with appropriate confidence language
- Lead a cyber threat intelligence team through the full intelligence lifecycle from PIR validation to dissemination feedback
Who This Is For
- Threat intelligence analysts moving from indicator-driven reporting to assessment-driven production
- Cyber threat intelligence team leads building or maturing organizational intelligence programs
- SOC analysts and incident responders transitioning into intelligence-focused roles
- Counterintelligence and insider threat practitioners integrating cognitive and behavioral analysis into their tradecraft
- Federal civilian and defense analysts seeking IAFIE-aligned tradecraft training with CPE credit
- Security leaders developing intelligence literacy to evaluate and direct analyst output
- Career changers from military intelligence or law enforcement translating analytic skill into cyber-domain practice
Prerequisites
- No formal prerequisites required — the course is designed for working analysts at all experience levels
- Recommended: 1+ years in cybersecurity, intelligence, or a related analytic discipline
- Helpful: familiarity with the intelligence cycle, basic OSINT tooling, and analytic writing conventions
- Technical: a workstation capable of running a Linux VM and browser-based OSINT tools; corporate email address for enrollment validation
How CCIA Differs From Other Cyber Intelligence Training
Cyber intelligence training is dominated by technically-oriented courses focused on indicator hunting and SIEM operation. CCIA is purpose-built for analytic tradecraft — the discipline of converting raw collection into decision-ready assessments — rather than tool operation.
| Dimension | CCIA (Treadstone 71) | Typical Alternative |
|---|---|---|
| Standards alignment | IAFIE / PHIA / ICD 203-equivalent tradecraft | Vendor curriculum or NIST framework only |
| Analytic foundation | CIA / DIA tradecraft adapted to cyber domain | Technical indicator analysis without analytic framework |
| SAT coverage | 30+ structured analytic techniques with applied exercises | 2-4 techniques referenced, rarely practiced |
| AI integration | Generative AI as analytic accelerator with bias controls | AI treated as a separate tool or omitted entirely |
| Cognitive warfare | Embedded across modules with Russian / Chinese / Iranian doctrine | Not addressed |
| Instructor access | Direct mentor access to Treadstone 71 principal analysts | Anonymous instructor or rotating teaching assistants |
| Federal recognition | NICCS-listed in CISA cybersecurity workforce catalog | Vendor certification only |
| Lineage | Operational since 2002; first master's-level cyber intelligence curriculum (Utica College, 2009) | Recent curriculum without analytic-tradecraft heritage |
About the Instructor
Treadstone 71
We See What Others Cannot
Treadstone 71 is a veteran-owned cyber intelligence firm operational since 2002, codifying CIA and DIA-style intelligence tradecraft for the cyber domain. The firm's foundational capability rests on a rare synthesis of United States Air Force cryptologic linguistics (Arabic and Russian), United States Army armored reconnaissance, academic study of Middle Eastern and Russian history, language, and political systems at Trinity College, Middlebury College, and Colgate University, and direct in-country immersion in Jeddah, Kingdom of Saudi Arabia during the formative years of the modern jihadist movement (1988–89). A Master of Science in Information Assurance from Norwich University extends the field tradecraft into enterprise-scale risk management. The aggregate methodology has been continuously refined across four continents of operational engagement.
Treadstone 71 was honored with the 2007 RSA Conference Award for Excellence in the Field of Security Practices and the 2007 SC Magazine Award for Best Security Team. Operational engagements span clandestine cyber HUMINT (including sustained adversary persona operations within Al-Qaeda and Taliban networks), real-time OSINT support to the Boston FBI following the 2013 Marathon bombing, FBI special-agent OSINT instruction, and senior-leader briefings at NATO Cooperative Cyber Defence Centre of Excellence (CyCon, Estonia), the United States Naval Academy, the Air Force Institute of Technology, and Johns Hopkins. Treadstone 71 is a founding member of the Cloud Security Alliance and holds board seats with Boston InfraGard, the Potomac Institute for Policy Studies, and the Journal of Law and Cyber Warfare.
From 2009 to 2014, Treadstone 71 codified field-tested clandestine cyber tradecraft into the first master's-level cyber intelligence curriculum, established at Utica College, with parallel instruction in Information Security Risk Management at Clark University. The Cyber Intel Training Center is the operational continuation of that curriculum — IAFIE-aligned, PHIA-standards-compliant, and listed in the CISA NICCS cybersecurity workforce development catalog. Treadstone 71 has authored or contributed to The Illusion of Due Diligence — Notes from the CISO Underground, Current and Emerging Trends in Cyber Operations, and multiple editions of the Computer Information Security Handbook, and appears as a primary subject-matter expert on CNN, CBS News, Fox News, BBC Radio, BBN, and i24News.
USAF Cryptologic Linguist (Arabic, Russian)
US Army Armored Scout Platoon Leader
Trinity College — Middle East Studies & Arabic
Norwich University — M.S. Information Assurance
2007 RSA Conference Award
2007 SC Magazine Best Security Team
NATO CCDCOE · USNA · AFIT Briefings
Cloud Security Alliance Founding Member
Considering a full cyber intelligence program build, not just training? Treadstone 71's consulting practice delivers operational intelligence programs end-to-end.
Explore Cyber Intelligence Program Build at Treadstone 71 →Begin Your Certified Cyber Intelligence Analyst Path
Self-paced enrollment opens immediately on purchase. Mentor support and live office hours throughout.
$4,699 USD 12% off featured programs with code TWELVEROFF at checkoutScroll up to use Teachable's enroll button, or contact info@treadstone71.com for enterprise / multi-seat licensing.
Get started now!
Course Curriculum
What is Intelligence - OSINT Techniques - Maltego
Available in
days
days
after you enroll
Start Building and Enhancing Your Program - Stakeholder Analysis
Available in
days
days
after you enroll
Data Provenance - Hunchly - OPSEC - Rules of Engagement
Available in
days
days
after you enroll
Frequently Asked Questions
COURSE EULA
Course EULA - REQUIRED
Treadstone 71 LLC ("T71") IS WILLING TO LICENSE THE T71 Cyber Intelligence Training (COLLECTIVELY, "COURSE")
UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS OF THIS NON-COMMERCIAL VERSION LICENSE AGREEMENT ("AGREEMENT"). PLEASE READ THESE TERMS CAREFULLY BEFORE MOVING AHEAD WITH THIS COURSE. BY INSTALLING OR USING THE INFORMATION ON THE PROVIDED USB, YOU ARE CONSENTING TO BE BOUND BY AND ARE BECOMING A PARTY TO THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, T71 IS UNWILLING TO LICENSE THE COURSE TO YOU ("YOU"), AND YOU SHOULD NOT INSTALL OR USE THE COURSE.
NON-COMMERCIAL VERSION LICENSE
To qualify for a Non-Commercial Version License, You must:
(1) use the Course for non-commercial purposes as defined herein.
The term "Non-Commercial Version License" is limited to using the concepts, methods, processes, procedures, and plans for internal organizational use. Entities are not allowed to teach this course or semblance of this course without express permission from Treadstone 71 LLC. Organizations are not allowed to deliver commercial services based upon this course that compete directly or indirectly with Treadtone 71 LLC.
If You do not qualify for a Non-Commercial Version License, then you should discontinue the COURSE.
GRANT OF LICENSE
Provided that you qualify for a Non-Commercial Version License as specified above, and subject to the terms and conditions contained herein, T71 hereby grants You, an end user, a personal, non-transferable, non-exclusive, non-sublicensable license to install and use the COURSE, free of charge, for non-commercial purposes only. In addition, subject to the terms and conditions contained herein and provided that You meet the requirement specified above for an Non-Commercial Version License, T71 hereby grants to You, an end user, a non-transferable, non-exclusive, non-sublicensable license, free of charge, to (1) use the COURSE for the intent of building or expanding a cyber intelligence program within your organization.
For the avoidance of doubt, the following are considered examples of commercial uses of the COURSE:
(1) use for financial gain, personal or otherwise;
(2) use by government agencies without recompense to T71;
(3) use by a telecommunication or Internet service provider company with recompense to T71;
(4) use in connection with administering a commercial web site;
(5) use in connection with the provision of professional service for which you or your company or organization are compensated (including paid administration);
(6) bundling or integrating the COURSE with any other product, service, or another COURSE product for commercial use.
(7) teaching this course in a seminar, online, commercial or academic setting.
T71 and/or its licensors reserve all rights not expressly granted to You herein. This license is not a sale of the COURSE or any copy of the COURSE. The COURSE contains valuable trade secrets of T71 and its licensors. All worldwide ownership of and all rights, titles and interests in and to the COURSE, and all copies and portions of the COURSE, including without limitation, all intellectual property rights therein and thereto, are and will remain exclusively with T71. The COURSE is protected, among other ways, by the copyright laws of the United States and international copyright treaties. All rights not expressly
granted herein are retained by T71 and its licensors.
USE RESTRICTIONS
You may not:
(i) use the COURSE, except under the terms listed above;
(ii) create derivative works based on the COURSE (e.g. incorporating the COURSE in a commercial product or
service without a proper license).
(iii) copy the COURSE
(iv) rent, lease, sublicense, convey, distribute or otherwise transfer rights to the COURSE;
(v) remove any product identification, copyright, proprietary notices or labels from the COURSE; or
(vii) use any T71 trademarks in any manner other than their presence within Your copy of the COURSE without
written permission of T71.
Any and all copies made by You as permitted hereunder must contain all of the original COURSE's copyright, trademark
and other proprietary notices and marks.
MAINTENANCE, SUPPORT AND UPDATES
T71 is under no obligation to maintain or support or update the COURSE in any way, or to provide updates or
error corrections
CONFIDENTIALITY
The COURSE and any license authorization codes are confidential and proprietary information of T71. You agree
to take adequate steps to protect the COURSE and any license authorization codes, if any, from unauthorized
disclosure or use. You agree that You will not disclose the COURSE, in any form, to any third party, except as otherwise
provided herein.
WARRANTY
T71 EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS, AND ANY WARRANTY THAT MAY
ARISE BY REASON OF TRADE USAGE, CUSTOM, OR COURSE OF DEALING. WITHOUT LIMITING THE FOREGOING, YOU ACKNOWLEDGE THAT THE COURSE IS PROVIDED "AS IS" AND THAT T71 DOES NOT WARRANT THAT THE COURSE WILL RUN UNINTERRUPTED OR ERROR FREE NOR THAT THE COURSE WILL OPERATE WITH HARDWARE AND/OR COURSE NOT PROVIDED BY T71. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THE AGREEMENT. SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU,
AND YOU MAY HAVE OTHER RIGHTS, WHICH VARY FROM STATE TO STATE.
TERMINATION
This Agreement will terminate immediately and automatically without notice if You breach any provision in this Agreement. Upon termination You will remove all copies of the COURSE or any part of the COURSE from any and
all computer storage devices and destroy the COURSE. At T71's request, You or your authorized signatory, will
certify in writing to T71 that all complete and partial copies of the COURSE have been destroyed and that none
remain in your possession or under your control. The provisions of this Agreement, except for the license grant
and warranty, will survive termination. U.S. GOVERNMENT RIGHTS
If You use the COURSE by or for any unit or agency of the United States Government, this provision applies. The
COURSE shall be classified as "TRAINING COURSE", as that term is defined in the Federal Acquisition Regulation (the "FAR") and its supplements. T71 represents that the COURSE was developed entirely at private expense, that no part of the COURSE was first produced in the performance of a Government contract, and that no part of the COURSE is in the public domain. (1) If the COURSE is supplied for use by DoD, the COURSE is delivered subject to the terms of this license agreement and either (i) in accordance with DFARS 227.7202-1(a) and 227.7202-3(a), or (ii) with restricted rights in accordance with DFARS 252.227-7013(c)(1)(ii) (OCT 1988), as applicable. (2) If the COURSE is supplied for use by a
Federal agency other than DoD, the COURSE is restricted computer COURSE delivered subject to the terms of this
license agreement and (i) FAR 12.212(a); (ii) FAR 52.227-19; or (iii) FAR 52.227-14(ALT III), as applicable.
RESTRICTED RIGHTS
Use, duplication, or disclosure by the U.S. Government is subject to restrictions set forth in this agreement and as
provided in DFARS 227.7202-1(a) and 227.7202-3(a) (1995),DFARS 252.227-7013(c)(1)(ii) (OCT 1988), FAR 12.212(a)
(1995), FAR 52.227-19, or FAR 52.227-14 (ALT III), as applicable. Manufacturer is Treadstone 71 LLC, 11864 Izarra Way, 7206, Fort Myers, FL 33912
EXPORT LAW
You acknowledge and agree that the COURSE may be subject to restrictions and controls imposed by the United States
Export Administration Act (the "Act") and the regulations thereunder. You agree and certify that neither the COURSE
nor any direct product thereof is being or will be acquired, shipped, transferred, or re-exported, directly or indirectly, into any country, except pursuant to an export control license under the Act and the regulations thereunder, or will be used for any purpose prohibited by the same. By using the COURSE, You are acknowledging and agreeing to the foregoing, and You are representing and warranting that You will comply with all of the United States and other applicable country laws and regulations when either exporting or re-exporting or importing the COURSE or any underlying information technology. Further, You represent and warrant that You are not a national of Cuba, Iran, Iraq, Libya, North Korea, Russia, Sudan or Syria or a party listed in the U.S. Table of Denial Orders or U.S. Treasury Department's list of Specially Designated Nationals.
GOVERNING LAW
This Agreement is governed by the laws of the State of Florida without regard to conflict of laws rules and principles. Application of the United Nations Convention on Contracts for the International Sale of Goods is expressly
excluded.
MISCELLANEOUS
If any provision hereof shall be held illegal, invalid or unenforceable, in whole or in part, such provision shall be modified to the minimum extent necessary to make it legal, valid and enforceable, and the legality, validity and enforceability of all other provisions of this Agreement shall not be affected thereby. No delay or failure by either party to exercise or enforce at any time any right or provision hereof shall be considered a waiver thereof or of such party's right thereafter to exercise or enforce each and every right and provision of this Agreement. This Agreement will bind and inure to the benefit of each party's permitted successors and assigns. You may not assign this Agreement in whole or in part, without T71's prior written consent. Any attempt to assign this Agreement without such consent will be null and void. This Agreement is the complete and exclusive statement between You and T71 relating to the subject matter hereof and supersedes all prior oral and written and all contemporaneous oral negotiations, commitments and understandings of the parties, if any. In the case of any conflict between the terms of this Agreement and the provisions of any purchase
order for the COURSE, the terms of this Agreement shall control.
Please contact the Director of Business
Development at T71 11864 Izarra Way, 7206, Fort Myers, FL 33912
888.714.0071 – info@treadstone71.com