Post

Cyber Threat Intelligence Teaching and Research at the University of Sannio

Posted
By Pietro Melillo
1 min read
Cyber Threat Intelligence Teaching and Research at the University of Sannio

As part of my academic and professional work in Cyber Threat Intelligence, I am engaged as a PhD researcher and university lecturer at the University of Sannio.

My activity focuses on three closely connected areas:

  • Cyber Threat Intelligence;
  • dark web intelligence;
  • ransomware ecosystems and operations.

Teaching Activities

I deliver structured lectures within the academic course Security of Networks and Software Systems. The teaching activity combines conceptual foundations with operational examples, helping students understand how CTI is applied in real investigative and defensive contexts.

The curriculum covers:

  • threat intelligence lifecycle;
  • Indicators of Compromise and their limitations;
  • OSINT and CLOSINT data acquisition;
  • threat modeling and actor profiling;
  • ransomware groups and monetization models;
  • CTI-supporting tools such as TIPs, Shodan, VirusTotal, IntelX, Have I Been Pwned, and dark web monitoring systems.

The material is supported by case studies and practical demonstrations, with the aim of connecting academic theory to the work performed by analysts in security operations, incident response, and threat research.

Research Focus

My PhD research adopts an attacker-centric perspective on Cyber Threat Intelligence, with particular attention to:

  • ransomware ecosystem dynamics;
  • threat actor behavior and operational patterns;
  • monitoring of surface web and dark web infrastructure;
  • evaluation of Threat Intelligence Platforms;
  • OSINT and CLOSINT integration;
  • automation and data-driven analysis for intelligence enrichment.

This research has also led to the development of customized tools and microservices for collecting, enriching, and prioritizing externally observable threat data.

Academic Collaboration

My academic work is developed in collaboration with:

  • Prof. Corrado Aaron Visaggio, faculty lead for CTI research at the University of Sannio;
  • JanaraLab, the local cybersecurity research group;
  • Red Hot Cyber / DarkLab, where I serve as Director of Threat Intelligence.

These collaborations help connect university research, technical experimentation, and public-facing cybersecurity dissemination.

Closing Note

The objective of this work is to contribute to the formation of analysts and researchers who can interpret the modern threat landscape with rigor, technical competence, and methodological awareness.

For more information, visit my GitHub Page or LinkedIn profile.

Academia, Cyber Threat Intelligence
cti dark-web ransomware unisannio phd teaching
This post is licensed under CC BY 4.0 by the author.