What is cyber intelligence training?

Cyber intelligence training teaches analysts how to collect, structure, assess, write, and brief intelligence for cyber risk, threat, influence, and operational decisions. Treadstone 71 programs cover collection planning, OSINT, structured analytic techniques, deception detection, warning analysis, reporting, and forecasting — all aligned to IAFIE standards and listed in the CISA NICCS catalog.

Who should take counterintelligence and cyber intelligence courses?

Programs fit threat intelligence analysts, security leaders, investigators, cybercrime teams, intelligence writers, peer reviewers, government agencies, defense organizations, and enterprise security groups that need stronger analytic tradecraft.

Do you offer cognitive warfare and disinformation training?

Yes. The catalog includes cognitive warfare, narrative analysis, deception, influence operations, Russian and Chinese cognitive warfare doctrine, People Intelligence (PEOPINT), and related programs that help students identify manipulation, hostile narratives, and behavior-driven threat patterns.

Are the courses self-paced or live?

Most programs offer online, on-demand access with mentor support. Select programs add live web meetings, office hours, or instructor-supported cohorts. In-person training is available through Treadstone 71's client-driven and Project Omega Prague residency formats.

Do you provide team or enterprise licensing?

Yes. Enterprise subscription options support organization-wide access through a single annual license. Teams gain shared training paths, consistent analytic language across analysts, and centralized progress reporting for security leadership.

Are the certifications recognized in the intelligence community?

Treadstone 71 training is IAFIE-aligned, follows PHIA standards language, and is listed in the CISA NICCS training catalog as a recognized cybersecurity workforce development provider. Certifications carry CPE credits and are recognized by government agencies, defense contractors, and Fortune 500 security teams worldwide.

What is the TWELVEROFF discount code?

TWELVEROFF is the current promotional code for 12 percent off featured programs at checkout. Apply at the checkout step on any featured course page. Subject to change — verify current offer on the featured programs page.

How does this site relate to Treadstone 71?

The Cyber Intel Training Center is the official online training platform of Treadstone 71 LLC, a veteran-owned, woman-led cyber intelligence firm operating since 2002. Treadstone 71 also delivers in-person training, consulting, adversary dossiers, and intelligence program builds at treadstone71.com.

NICCS LISTED · ADVERSARY TARGETING · TARGET PACKAGES · F3EAD · CI METHODOLOGY · IAFIE ALIGNED

Adversary Targeting Structured Targeting Methodology for Cyber Counter-Intelligence

Name: Enterprise Cyber Intelligence Training Subscription
Brand: Treadstone 71
Price: 99990.00 USD
Availability: InStock

Adversary targeting is the structured methodology for building target packages — comprehensive characterizations of specific adversary entities (organizations, networks, individuals) that support both intelligence production and authorized operational action. Without a structured targeting methodology, CI work produces scattered observations that never cohere into actionable packages. With one, individual adversary observations roll up into target packages that drive collection planning, support decision-makers, and close out as actionable.

This course covers adversary targeting methodology for cyber counter-intelligence — target package construction, F3EAD applied to adversary characterization, integration with the collection-discipline band, and the tradecraft that turns individual adversary observations into operationally coherent packages. Entry-tier of the CI-tradecraft band at $299 and the natural starting point for analysts building structured CI capability.

Course Price$299 USD

TierEntry — CI Tradecraft

LevelIntermediate

LoopF3EAD

What You'll Learn

Adversary targeting methodology for cyber counter-intelligence

Target Package Construction — the structured documentation framework that captures comprehensive adversary characterization: identification, capability, intent, infrastructure, operational history, behavioral indicators, and the analytic-grade dossier that supports both intelligence production and authorized operational decisions.
F3EAD Applied to Adversary Characterization — Find, Fix, Finish, Exploit, Analyze, Disseminate as the operational targeting loop. Adaptation of the IC and special-operations framework for cyber-domain adversary targeting where "Fix" and "Finish" have different operational meaning than in kinetic contexts.
Multi-Source Target Development — building target packages from OSINT, technical telemetry, persona-based engagement, behavioral profiling, and ALL-SOURCE integration. The integration tradecraft that turns scattered observations into coherent packages.
Targeting-Collection Integration — how adversary targeting drives collection planning and how collected information feeds back into target package refinement. The closing-the-loop discipline that connects Collection Management to target development.
Behavioral Profile Integration — how the behavioral-profiling toolkit (Dark Triad, Big Five, MBTI, Seven Radicals, Cialdini) integrates into target packages for adversary individuals and group leaders. Operator characterization that supports both prediction and engagement planning.
Package Maintenance Discipline — target packages are living documents. The operational discipline for refresh cadence, version control, multi-analyst handoff, and the working pattern that keeps target packages useful over multi-quarter campaigns rather than letting them decay into reference relics.

Course Content

Turning Adversary Observations into Operationally Coherent Packages

Adversary targeting sits at the operational intersection of counter-intelligence, threat intelligence, and operations planning. The discipline emerged from IC and special-operations practice and adapts naturally to cyber-domain CI work. The basic operational logic is the same: identify the adversary entity, characterize its capability and intent comprehensively, integrate observations from all available sources into a structured target package, drive collection against gaps, refine the package iteratively, and produce intelligence and authorized operational action grounded in the package. The cyber-domain calibration is in the specifics — what "infrastructure" means for a cyber adversary, how technical telemetry feeds into capability characterization, how persona-based engagement contributes to intent assessment, and how the F3EAD loop's "Finish" step translates from kinetic to cyber operational contexts.

This course operationalizes adversary targeting methodology for cyber counter-intelligence work specifically — target package construction calibrated to cyber adversary entities, F3EAD adapted for cyber-domain loops, multi-source target development across OSINT / technical / persona-based / behavioral inputs, and integration with the broader CI Stack components (behavioral profiling, persona work, elicitation methods) and Analyst Stack collection-discipline band. At $299 this is the entry-tier of the CI-tradecraft band — accessible as standalone introduction or as on-ramp to the broader CI curriculum and The CounterIntelligence Stack as a whole.

Part Of A Larger Curriculum

Entry-Tier of the CI Tradecraft Band in The CounterIntelligence Stack

This Adversary Targeting course is the entry-tier of the CI-tradecraft band in The CounterIntelligence Stack ($3,999) at $299 — the most accessible entry into the CI-tradecraft components. Pairs operationally with Insider Threats & Elicitation Methods ($999) and Personas / OPSEC ($499). The Stack also includes the CCIAI flagship, the behavioral-profiling toolkit, and additional CI specialty courses for comprehensive counter-intelligence capability at substantial bundle savings.

Common Questions

Adversary Targeting — FAQ

Who is this course designed for?

Counter-intelligence analysts building target packages on adversary entities, cyber threat intelligence professionals working sustained adversary characterization, IC analysts in CI portfolios, security operations leaders integrating adversary targeting with broader CTI work, authorized red-team operators planning engagement against specific targets, and analytic methodology trainees building the CI-tradecraft discipline.

How does this differ from generic threat-actor profiling?

Generic threat-actor profiling produces descriptive characterization. Adversary targeting produces structured target packages that drive operational action — collection planning, intelligence production, and authorized engagement. The package construction methodology, F3EAD loop integration, and multi-source development tradecraft distinguish targeting from descriptive profiling. The two are complementary; targeting builds on profiling to produce operationally actionable packages.

Why is this the entry-tier course in the CI Stack?

At $299 this course is the most accessible entry into the CI-tradecraft band. The pricing reflects focused scope — it covers the targeting methodology itself rather than the broader CI tradecraft. The other CI-tradecraft components (Insider Threats & Elicitation Methods at $999, Personas / OPSEC at $499) expand the discipline laterally. Most learners benefit from the full CI-tradecraft band combination.

Is there a prerequisite?

None formal. Most learners benefit from the broader CI Stack components — the behavioral-profiling toolkit for adversary characterization integration, the other CI-tradecraft components for full-band coverage, and the Analyst Stack collection-discipline band for the operational integration angle.

Is this part of a bundle or certification?

Yes. This course is one of 11 components of The CounterIntelligence Stack ($3,999) — the entry-tier of the CI-tradecraft band. Contributes to the CCIAI (Certified Cyber CounterIntelligence Analyst) certification track.

About The Provider

Treadstone 71

We See What Others Cannot

Treadstone 71 has worked adversary targeting methodology applied to cyber counter-intelligence continuously since 2002 — target package construction across nation-state, criminal, ideological, and insider adversary entities; F3EAD adapted for cyber-domain operational loops; multi-source target development integrating OSINT, technical telemetry, persona-based engagement, and behavioral profiling. The course reflects two decades of operational targeting practice across financial services, defense industrial base, federal civilian agencies, MSSP and consulting practices, and critical infrastructure operators. Veteran-owned, woman-led, NICCS-listed, IAFIE-aligned.

Two Decades Adversary Targeting Practice

Multi-Sector Target Package Construction

NATO CCDCOE Briefings

NICCS Listed Provider

Turn Scattered Observations into Coherent Packages

Self-paced. Intermediate-level. Adversary targeting methodology, target package construction, F3EAD applied to cyber CI. Entry-tier of the CI-tradecraft band. Scroll up to enroll, or consider The CounterIntelligence Stack to combine this with elicitation methods, persona tradecraft, behavioral profiling, and the full CI curriculum.

$299 USD Self-paced · Intermediate · Lifetime access · CPE credits

Get started now!

Course Curriculum

Adversary Targeting in Cyber Intelligence

Available in days

days after you enroll