Jump to

At a glance

This foundational course teaches how to convey analytic assessments and findings in their intelligence reports and briefings.

Students will be asked to deconstruct intelligence reporting of varying qualities and designed for different stakeholders to identify author intent, methods, and findings.

During these exercises, students can be exposed to various examples of strategic, operational, and technical intelligence products. Intelligence writing and briefing principles, including bottom line up front (BLUF), words of estimative probability (WEPs), and analytic judgments will also be introduced along with potential pitfalls.

The course will also review best practices tied to citations, grammar, style, and peer review. It concludes with an opportunity for students to take provided data and generate an original intelligence product and corresponding briefing.

Prerequisites: Students should have taken Cyber Intelligence Foundations, Cyber Intelligence I – Scoping, and Cyber Intelligence II – Open Source Intelligence courses, or have equivalent knowledge.

Course goals

After completing this course, learners should be able to:

  • Recognize the critical elements of an intelligence report, and create reports that include those elements
  • Identify different types of cyber threat intelligence reports and specify how they differ in type, audience, scope, and purpose
  • Name, define, and apply various style guidelines
  • Interpret a scenario and develop a high quality intelligence product that can be actioned by stakeholders

Who this course helps

This is a foundational level course for cyber practitioners who must produce or assess intelligence reports and briefings.

How it works

Delivery method



8 hours

Content is available for 3 months from the date of first login.

It can be accessed 24/7 from a standard web browser.