MISP Training - Threat Intelligence - Extension and API hands-on



Date: Friday, 07. September 2018 09:00 until Friday, 07. September 2018 17:00
Room: EternalBlue
Language: EN
Service Details:
    Target audience: Security Software Developers or Opertional Security DevOps
    Duration: 1 day
    Level: Good knowledge of information security fundamentals


In a continuous effort since 2016, CIRCL frequently gives training sessions about MISP (Malware Information Sharing Platform & Threat Sharing). The purpose is to reach out to security analysts using MISP as a threat intelligence platform along with users using it as an information sharing platform. This is an opportunity for the users to meet the developers and exchange about potential improvements or use-cases using MISP as a threat-intelligence platform.

Training info

MISP is an advanced platform for sharing, storing and correlating Indicators of Compromises (IOCs) from attacks and cybersecurity threats. Today, MISP is used in multiple organizations to store, share, collaborate on malware, and also to use the IOCs to detect and prevent attacks. The aim of this trusted platform is to help improving the countermeasures used against targeted attacks and set up preventive actions. MISP becomes a full-feature information and threat sharing platform to support operational and tactical cybersecurity intelligence.

The MISP training will demonstrate how the platform functions; explain how to share, comment and contribute data, and describe the future developments. This part of the training focuses on the extension aspects of MISP including API, ZMQ or even contributing in the core software. The audience intended for this training are the analysts with some software engineering experience who are willing to expand MISP to suit their integration or extension requirements.

The training is free but there is a no-show fee of 30,- EUR if you register and don’t join us at the training.

Objectives

  • MISP interfaces and API. How to use and extend MISP to support your information security operational teams using programmatic interfaces.
  • Be part of the MISP future, how to contribute to MISP not only as a developer but as an active contributor (from documentation to taxonomies).

Programme

The training will show the platform, its functionalities and demonstrate how to benefit most from sharing, commenting and contributing on it. At the end of the day, every participant will be knowledgeable in information sharing about cybersecurity threats and become a proficient MISP user and threat intel handler.

Requirements

For detailed information see our online MISP training materials


In a continuous effort since 2016, CIRCL frequently gives training sessions about MISP (Malware Information Sharing Platform & Threat Sharing). The purpose is to reach out to security analysts using MISP as a threat intelligence platform along with users using it as an information sharing platform. This is an opportunity for the users to meet the developers and exchange about potential improvements or use-cases using MISP as a threat-intelligence platform.

The MISP training will demonstrate how the platform functions; explain how to share, comment and contribute data, and describe the future developments. This part of the training focuses on the extension aspects of MISP including API, ZMQ or even contributing in the core software. The audience intended for this training are the analysts with some software engineering experience who are willing to expand MISP to suit their integration or extension requirements.

The training is free but there is a no-show fee of 30,- EUR if you register and don’t join us at the training.

More information about MISP: https://www.circl.lu/services/misp-malware-information-sharing-platform/

About the MISP project: https://www.misp-project.org

Requirements:

For more information: https://www.circl.lu/services/misp-training-materials/

Overview of the room/facility

EternalBlue

Organiser(s) / Sponsor(s)


Request more information : info@circl.lu

Register for the Event