The Compendium
An ever-growing, one-stop shop for CTI resources. New to the field or deep in the weeds, there's something here for you.
None of these are sponsored. No affiliate links. No compensation received. Just resources I've used, evaluated, or recommend!
New to CTI? This is the first page you should read. Katie Nickels' self-study plan and the foundational resources to get you oriented.
Explore →Free and paid courses, self-study resources, and vendor trainings evaluated by Jen. From beginner-friendly to advanced.
Explore →The analyst toolkit — TIPs, IOC enrichment, sandboxes, and more. Includes a full capability matrix so you know exactly what each tool does.
Explore →Who to follow, which organizations produce the best research, and where to find your people in the CTI community.
Explore →CTI certifications worth knowing about, what they cost, and Jen's honest take on when you should and shouldn't pursue them.
Explore →Where the community convenes — from DEF CON to SANS CTI Summit to local BSides. Includes pricing tiers and Jen's personal favorites.
Explore →CTI-specific and general security podcasts worth your commute. Curated for signal, not just volume.
Explore →Where to find CTI and cybersecurity roles, plus a note on job titles — because CTI positions go by a lot of different names.
Explore →Know your adversaries. Jen's recommended threat actor databases and references — no reinventing the wheel.
Explore →Programs Jen has personally participated in or recommends for breaking into CTI and growing in the field.
Explore →The questions Jen gets asked most often — what CTI actually is, how to break in, which certs to get, and more.
Explore →Something missing from the compendium? I'm always looking to add more!
Make a suggestion →