MISP – threat intelligence for the masses
Threat Intelligence in general has many aspects that are relevant in one way or another to most organisations with a focus on their security operations, be it for prevention, incident response, threat landscape monitoring or simply collaboration.MISP, an open-source TISP (Threat Intelligence Sharing Platform) aims to be the center-piece of your threat intel operation by being extensible and flexible enough to adapt to your processes. This presentations aims to both introduce newcomers to the system as well as highlight some of the newer tools and methods that it makes available to those that have already spent a considerable amount of time using it.
ABOUT THE SPEAKER
Andras Iklody works at the Luxembourgian Computer Security Incident Response Team (CSIRT) CIRCL as a software engineer and has been leading the development of the MISP core since early 2013. He is a firm believer that there are no problems that cannot be tackled by building the right tool.