Mandiant Academy™

Intelligence Research I—Scoping
(On-Demand Module Overview)

This foundational course teaches students to analyze, prioritize, and fully understand Requests for Information (RFI’s),  and create a research plan that keeps their efforts on track.

View the Datasheet

man raising his hand

Course Description

The course provides learners with questioning strategies to uncover stakeholder intent and generate actionable intelligence analysis. It shows learners how to identify and review relevant context such as intelligence requirements, organizational threat profiles and key stakeholder analysis to help them fully interpret implicit and explicit RFIs. The course walks learners through how to use a research management system to organize research and avoid information overload, and how to assess source relevance and trust to ensure that collections efforts are efficient and focused on the task at hand.

Learning Objectives

After completing this course, learners should be able to:

  • Use a structured, repeatable four-step scoping process  
  • Generate context using various approaches and resources such as the organizational threat profile, key stakeholder analysis and intelligence requirements  
  • Prepare for collections efforts by developing a research management system 
  • Assess different kinds of information and sources up front to avoid wasting time on irrelevant or unreliable sources

Who Should Attend

This is a foundational level course for cyber practitioners who must scope and respond to formal and informal Requests for Information (RFI’s).


Students should have taken Cyber Intelligence Foundations, or have equivalent knowledge.


8 hours

Content is available for 3 months from date of enrollment. It can be accessed 24/7 from a standard web browser.


$2,000 USD or 2 EOD Units

Course Outline

Organizing Research

  • Research Goals and Objectives
  • Key Considerations of Research
  • Explicit and Implicit prompts
  • Essential Elements of Information
  • 4 Step Research Process (Prompt, Plan, Gather Evaluation), Intelligence Requirements, Threat Profile, Key Stakeholder Analysis, Context, Priority

Assessing Information

  • Interrogating Existing Holdings
  • Intelligence Gaps, Knowledge Management Practices, Working Knowledge of Environment
  • Source Types
  • Key Characteristics of Sources
  • Stakeholder and Influence Mapping
  • Relevance
  • Trust
  • Admiralty Code (Reliability + Credibility)
  • Source Bias
  • Facts v. Opinion v. Assessment
  • Estimative Language
  • Cognitive Bias

Meet your instructors

Aviv Ben-Or, Senior Analyst, Strategic Intelligence and Government

While with Mandiant, Aviv Ben-Or provided outreach, guidance and analytic support to the U.S. federal civilian government. He brought four years of experience in cyber threat intelligence, including his time working as a Strategic Analyst in the U.S. government. Prior to working in cyber security and intelligence, Aviv taught university courses in writing and analysis, while completing his doctorate in Hebrew literature.

Aviv Ben-Or Headshot

Shanyn Ronis, Manager of Mandiant Intelligence Training Services

Shanyn Ronis has extensive knowledge and background in Cyber Threat Intelligence and methods for operationalizing intelligence for mission success. Since 2013, she has worked in various cyber intelligence positions, ranging from Intelligence Analyst to embedded Fusion Analyst within a SOC environment, to leading Tier 2 Incident Response. Ms. Ronis is a member of the Forbes 30 Under 30 class of 2017.

Shanyn Ronis headshot