Top 10 Cyber Threat Intelligence Certifications for Security Practitioners

This article was updated on November 11, 2025 with updated information

Whether someone is an aspiring cybersecurity practitioner or a seasoned professional, they can sharpen their skills by working towards and attaining cyber threat intelligence (CTI) certifications. However, both the number of certifications available and the process to attain them can seem overwhelming. 

We’ve had our Flare cybersecurity researchers and analysts weigh in on how to go about the process of picking a CTI certification, and which ones to target.

Choosing the Right CTI Certification(s) for you

What are some important points to keep in mind when choosing a certification to work towards? Three considerations include:

• Roles you can land with the certification(s)
• Benefits of the certification(s)
• Core skills learned

One tool that’s helpful in evaluating information security certifications is this chart by Paul Jerimy, which lists certifications by subject area and level of expertise. As comprehensive as the chart is, however, it does not include every available certification, so it’s important to do your own research and know exactly which skills you want certified. 

To get you started, below are the ten most useful cybersecurity certifications with a focus on CTI, according to our cyber practitioner team members at Flare. We’ve noted the core skills and benefits of each certification, and make sure to do your own research to figure out what’s best for you. 

Top 10 Cybersecurity or Threat Intelligence Certifications

1. GIAC’s Cyber Threat Intelligence (GCTI)

The GCTI is one of the most highly-recommended threat intelligence certifications. It’s issued by GIAC Certifications, an organization founded in 1999 to certify information security professionals and is associated with the FOR578 Cyber Threat Intelligence course offered by SANS. The 

GCTI certification is offered as a proctored exam. 

• Benefit: It’s a comprehensive assessment of threat intelligence skills. 
• Core skills: It covers strategic, operational, and tactical cyber threat intelligence application and fundamentals, open source intelligence, analysis and other intelligence gathering and analysis tactics. 

2. EC-Council’s CTIA Certified Threat Intelligence Analyst

The CTIA is both a course and an exam offered by the EC-Council, an organization that has been certifying the skills of cyber security professionals since 2001. Not just anyone can take the exam; to be certified, candidates must prove they’ve been working in the field of cybersecurity for at least three years, or that they’ve completed the requisite coursework. 

• Benefit: The CTIA certification includes hands-on practice as well as a comprehensive overview of threat intelligence.
• Core skills: It covers everything from planning threat intelligence projects to disseminating threat intelligence. 

3. CREST’s CREST Certified Threat Intelligence Manager (CCTIM)

As you might expect, this CCTIM is the top threat intelligence certification issued by the Council for Registered Ethical Security Testers (CREST), and is aimed at managers with proven experience in the field.

• Benefit: Practitioners with this certification are in high demand in Europe.
• Core skills: The exam verifies skills in all areas of threat intelligence and consists of short written answers, long written answers, and a written scenario-based component. 

4. MITRE’s ATT&CK v17 (MAD)

MITRE ATT&CK Defense (MAD) program is called a “living credential” by its creator, MITRE Engenuity. This program uses a mixture of live and on-demand training methods.

• Benefit: The credentials are updated when the threat landscape changes in order to help certified defenders maintain an edge on attackers.
• Core Skills: MAD helps professionals apply ATT&CK v17 across three areas of cyber operations, such as cyber threat intelligence, testing and evaluation, and defensive measures. 

5. ISC2’s Building AI Strategy Certificate

The proliferation of artificial intelligence means that security analysts now need a working knowledge of AI and LLMs in security. To cover risks associated with AI, the ISC2 created its new Building AI Strategy Certificate in 2025. 

• Benefit: Amidst AI hype, practitioners can learn (and signal to employers) that they are knowledgeable about up-to-date information on AI and security.
• Core skills: This certification covers the fundamentals of AI, risk management and the AI workforce. 

6. Treadstone 71’s Cyber Intelligence Tradecraft – Certified Cyber Intelligence Analyst

Offered by Treadstone 71, this course provides tradecraft training, including collection methods, techniques, and more. 

• Benefit: This course follows the International Association for Intelligence Education Standards for Intelligence Analyst Initial Training and is available on demand.
• Core skills: Students in the course are required to demonstrate understanding of analytic techniques. 

7. CTI’s Certified Threat Intelligence Specialist I (CTIS-I) 

This is an introductory course for professionals who want to build knowledge, experience and skills in the area of threat intelligence.

• Benefit: A recommended certification if you have no prior experience and want to get into the field.
• Core skills: Gain the fundamental skills for threat intelligence to break into cybersecurity. 

8. CompTIA’s Cybersecurity Analyst (CySA+)

This focuses on behavioral analytics and using threat intelligence to identify and combat Advanced Persistent Threats (APTs).

• Benefit: Confirms a practitioner’s skills in incident response and vulnerability management. There’s an emphasis on the critical communication skills required for effective security analysis and compliance. 
• Core skills: Covers incident detection, prevention, and response done through continuous security monitoring. 

9. ISC2’s Certified Information Systems Security Professional (CISSP)

The Certified Information Systems Security Professional (CISSP) is one of the most recognized and respected cybersecurity certifications worldwide, issued by (ISC)². Designed for experienced security practitioners, managers, and executives, CISSP validates expertise across eight domains of information security, including risk management, asset security, security architecture and engineering, communication and network security, and software development security.  

• Benefit: Because it requires a minimum of five years of paid work experience in two or more of the covered domains, the CISSP is often considered a career-defining credential and is frequently listed as a preferred or required qualification for senior roles like CISO, security architect, or cybersecurity consultant.
• Core skills: It demonstrates a professional’s ability to design, implement, and manage a best-in-class cybersecurity program aligned with global standards such as ISO/IEC 27001 and NIST.

10. Offsec’s OSCP+

Although not CTI, this is a valuable certification to consider, as some may say that this is the most reputable offensive security certification. The Offensive Security Certified Professional (OSCP+) is a hands-on, ethical hacking certification from Offensive Security (the makers of Kali Linux).

• Benefit: This is known for its rigorous and difficult exam, which includes a practical test to compromise machines in a live lab environment, followed by an additional 24 hours to submit a detailed pentesting report. Gaining this certification speaks highly to a practitioner’s offsec abilities. 
• Core skills: This validates practical penetration testing skills.

Next Steps for Pursuing a CTI Certification

Once you have selected the certification that’s right for you, there are a few steps to take before going ahead with the course or exam:

1. Review the program requirements to ensure that you’ve met any prerequisites. 
2. Ensure that this exam will actually help you with your goals. If you’re new to threat intelligence, an advanced certification may be most helpful with experience in the field. 
3. If you’re currently employed, check with your company to see if you have access to a training budget. This will keep you from unnecessarily paying out of pocket for certifications. Also note that you may need to maintain your certification by taking courses or paying renewal fees. 
4. Have fun! Though it may be stressful studying for an exam, ultimately you will learn new things that will help you work towards making the online world safer. 

Step Up your Cybersecurity Skills with Flare Academy

Not all high-quality training is expensive or has a waiting list. Flare Academy offers free cybersecurity training sessions led by researchers and experts in the field. Our instructors cover a wide range of materials including: the evolution of ransomware gangs, cybercrime persona theory, and credential theft. Participants can also earn CPE credits toward certifications. 

Join Flare Academy’s Discord community where security professionals and students can connect, share information and resources, and access Flare Academy training materials. 

Sign up for your next Flare Academy training session today.