Intelligence-Driven Threat Hunting Workshop: Operationalizing Geopolitical Intel

Operationalize Threat Intelligence with Real-World Geopolitical Context

Join Intel 471 for a 2-hour intelligence-driven workshop built around today’s most pressing global and cyber threats. This session explores how geopolitical developments shape threat actor behavior and how that intelligence can be used to strengthen the threat-hunting process.

The workshop begins with a geopolitical intelligence briefing from Hannah Maldonado, Senior Director of Geopolitical Analysis, and Chris Mason, Vice President of Intelligence Analysis. They will outline how regional conflicts, political instability, and policy shifts influence cyber operations and threat actor intent. Attendees will learn how to use geopolitical insights to prioritize hunts and add context to observed activity.

Then, Lee Archinal, Principal Threat Hunter, will translate those insights into the hunt itself. In this hands-on session, participants will use real intelligence to form hypotheses, identify indicators, and analyze behaviors tied to geopolitical motives and objectives. The exercise demonstrates how intelligence moves from strategic understanding to operational execution, showing exactly how geopolitical context can be applied to active hunts.

This is an interactive experience where participants will work through live scenarios using real-world intelligence and community hunt packages. You will build and test hypotheses tied to nation-state operations, economic espionage, and regional conflict activity while exploring how geopolitical context can guide technical hunts.

What you’ll gain:

• A clear understanding of how geopolitical events influence threat actor targeting and intent
• Practical methods for transforming geopolitical analysis into huntable hypotheses
• Direct experience connecting geopolitical context with behavioral telemetry and indicators
• Exposure to community hunt packages aligned with state-sponsored TTPs and MITRE ATT&CK techniques
• The ability to incorporate strategic intelligence into operational threat hunting

This session connects geopolitical analysis with the on-the-ground process of threat hunting, bridging the gap between strategic intelligence and hands-on defense.

Earn Your Intelligence-Driven Threat Hunting: Geopolitical Intel Badge

After the workshop, attendees can complete a final challenge to earn the Intelligence-Driven Threat Hunting: Geopolitical Intel Badge, recognizing their ability to hunt based on geopolitical intelligence. The challenge reinforces skills such as identifying geopolitical drivers behind adversary behavior, developing context-aware hypotheses, executing focused queries, and mapping findings to MITRE ATT&CK. Successful completion demonstrates readiness to incorporate geopolitical context into threat hunting operations.