UC Tech Academy: Applied Intelligence Mentorship Program

The UC Tech Applied Intelligence Mentorship (AIM) program is offered through a partnership between the UC Cyber-risk Coordination Center and Mandiant. This eight-month virtual program consists of monthly modules or workshops, each addressing a different topic and requiring about twelve hours of commitment. 

Attendees participate in interactive hands-on workshops that enable them to build and improve their locations’ Cyber Threat Intelligence (CTI) programs, as well as improve workflows, align CTI initiatives with business needs, and improve systemwide communication. Expert Mandiant CTI consultants facilitate discussion around existing organizational challenges, pain points, workflows, product lines, communication channels, and other topics. Instructors use a combination of content refreshers and prompts so participants may examine the current state of operations, explore best practices and use cases, and identify and help build toward a desired end state.

Program Modules

The program modules cover the following topics:

  1. Fundamentals of cyber intelligence and cyber risk
  2. Building and leading a cyber threat intelligence program
  3. Cyber threats and intrusion sets
  4. Communicating threat intelligence analysis effectively
  5. Collecting, extracting, storing, and analyzing cyber threat information
  6. The cyber threat profile and CTI frameworks
  7. Threat enrichment and attribution analysis
  8. Cyber threat feeds, automation, and IOC aging


The program increases participants’ CTI knowledge and skills, and helps them build new or improve existing CTI products and workstreams, and thus provide better quality support to UC stakeholders. Participants gain insight into how to immediately operationalize what they have learned, meet peers across UC with similar use cases, and develop professional network. Participants receive a certificate of completion upon finishing the program.


The program is designed for twelve individuals across UC locations who are cyber threat intelligence (CTI) practitioners, whose positions “own” the CTI function, or who work in related CTI functions, including incident response, the security operations center, or risk management. Participants should have at least three years of experience working in a CTI related role. All attendees must be comfortable representing their CTI team and sharing atmospherics, insights, existing workflows, processes, and previously produced products.

Participants are nominated by each UC location’s chief information security officer. Nominations are submitted to Monte Ratzlaff by October 27, 2023 providing the nominee’s name and describe why the person would benefit from the program. Selected nominees must confirm they will commit to the time required m to complete the program.