Aerospace & Defense

Information Technology


Emerging Capabilities

Introduction to Intelligence Driven Defense® (I2D2)


Based on Lockheed Martin’s internal training programs to develop cyber intelligence analysts, this course provides students and businesses alike with a medium toward the development and honing of a cyber intelligence analyst. It incorporates general technical competencies, mindsets and problem solving techniques with the familiarization of the Lockheed Martin Cyber Kill Chain® framework and other security intelligence concepts.

This one week course will expose students to security intelligence disciplines within cyber, build team work, introduce scripting to those who don’t know, expand scripting abilities to those that do, and introduce open-minded and open-source tools and methodologies useful in analysis.

Course Objectives

By the end of the course, the student will:

  • Understand the core SIC concepts (SOC vs. SIC, Lockheed Martin Cyber Kill Chain®, APT, etc.)
  • Have a strong understanding of the enterprise. architecture and how each component contributes to security intelligence.
  • Have a strong understanding of the tools and techniques needed to efficiently identify trends and extract indicators from large data sources.
  • Understand key networking concepts relevant to the security intelligence process.
  • Understand key forensics and incident response concepts critical to the security intelligence process.

Major Topics

  • Security Intelligence Core Concepts: Understand fundamental differences between traditional IT Security Operations and Security Intelligence as well as learn about how Advanced Persistent Threats (APT) operate.
  • Linux Commands & Data Analysis: Learn how to use command line functions to extract key information from large data sources.
  • Host-based Incident Response & Forensics Concepts: Incident response basics focused on disk, file system and memory retrieval.
  • Network Forensics Concepts: Understanding network flows, protocols, and services is critical to tracking malware and malicious activity throughout a network.
  • Defensible Enterprise Architectures: Reinforce learning by providing students with hands-on experience and focusing on understanding the implications and impacts of adversary attacks and the potential mitigations upon the enterprise network architecture.
Excite logo



EXCITE® Course Management:
703-339-6201 x313, Sevil Grimaldi

Business Development:
703-339-6201 x334, Eric Reeves