Trainer | András Iklódy

09:00-12:00 pm

András Iklódy

Creating well defined and contextualised information in MISP

The training is meant as both an introductiory workshop into threat information creation as well as an advanced techniques workshop for MISP in particular. Participants will learn how to create proper threat reports as well as how to encode rich and well structured MISP events using all of the modern tooling the platform offers.Topics explored will include:– best practices– considerations of the needs of the community– contextualisation– creating graph based data– enrichment– writing supporting reports– false positive handling– building workflows to assist your CTI processesMISP newcomers as well as veterans that may not be up to date with the latest feature-set of MISP are both welcome and expected to come out of the workshop with new ideas and tools in their toolbelts.

ABOUT THE TRAINER

Andras Iklody works at the Luxembourgian Computer Security Incident Response Team (CSIRT) CIRCL as a software engineer and has been leading the development of the MISP core since early 2013. He is a firm believer that there are no problems that cannot be tackled by building the right tool.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days
YSC	session
yt-remote-connected-devices	never	These cookies are set via embedded youtube-videos.
yt-remote-device-id	never	These cookies are set via embedded youtube-videos.

09:00-12:00 pm

András Iklódy

Creating well defined and contextualised information in MISP

ABOUT THE TRAINER

COMPANY

About us

Careers

SOLUTIONS

Fusion Center

Integration

Offensive Security

Compliance

Cloud Security

ICS/OT Security

MITRE Gap Assessment

KNOWLEDGE CENTER

Whitepapers

ICS Security Feed

Blog

FOR CLIENTS

NEWSLETTER