Initializing Secure Environment
CTIB certifications

Professional credentials for the
cyber intelligence workforce.

CTIB certification pathways validate real-world capability across security analysis, threat intelligence, SOC operations, and digital forensics — built around vendor-neutral frameworks, public blueprints, and exam integrity.

View certification tracks Download candidate handbook
Vendor-neutral standards
Practical assessment
Live proctoring
Verifiable credentials
Certification Pathway
TST-202
new
Advanced
Pathways
1 tracks
Clear role-based pathways
Validity
3 years
Credential validity cycle
Proctoring
Live
Proctored examination model
Objectives
Public
Blueprints and exam objectives
Certification tracks

Choose the credential aligned
to your career stage.

Each CTIB credential is mapped to specific job functions, measurable competencies, and real-world security tasks expected by employers, agencies, and enterprise security teams.

TST-202 Advanced

new

ww

Format
Essay + MCQ
Duration
90 min
Validity
2 yr validity
Recommended: 0-2 years experience
View Blueprint → Apply
Exam integrity

Built for trust,
not shortcuts.

CTIB exams are designed to protect credential value through transparent blueprints, controlled delivery, live proctoring, and practical assessment where role requirements demand it.

Live proctored delivery

Candidate identity checks, controlled browser environment, camera verification, and active session monitoring.

Verifiable digital credentials

Credential records can be validated through the CTIB registry for employer and institutional verification.

Continuous blueprint review

Objectives are reviewed periodically to reflect changes in adversary behaviour, SOC operations, intelligence tradecraft, and forensic practice.

Sample CTI-301 Blueprint
Intelligence lifecycle & collection planning

Requirements, PIRs, collection sources, reliability, confidence, and analytical discipline.

20%
Threat actor profiling & TTP mapping

MITRE ATT&CK, kill chain logic, campaign tracking, infrastructure analysis, and behavioural indicators.

25%
IOC handling & intelligence sharing

Indicator lifecycle, STIX/TAXII basics, enrichment, validation, and operational distribution.

20%
Reporting & executive communication

Tactical, operational, and strategic reporting for SOC, CISO, and leadership audiences.

20%
Scenario-based decision making

Applied intelligence judgement using real-world incident context and partial information.

15%
Candidate journey

From registration to
verified credential.

A simple candidate flow designed for clarity, governance, and auditability.

01

Select track

Choose the certification aligned with your role and experience level.

02

Review blueprint

Study exam objectives, domains, format, and candidate policies.

03

Schedule exam

Book your online proctored exam through the CTIB exam portal.

04

Complete assessment

Take the exam under proctored conditions with identity verification.

05

Verify credential

Receive a digital certificate and registry-verifiable credential ID.

Ready to build a recognised cyber intelligence credential?

Start with the candidate handbook, compare tracks, or speak with CTIB about enterprise and academic certification pathways.

Download handbook Contact CTIB →