Discover how to optimize threat intelligence curation and contextualization in this 42-minute conference talk from BruCON Security Conference. Learn about setting up a MISP ecosystem with automation scripts to overcome the challenges of lacking context and false positives in threat intelligence data. Explore the implementation of multiple MISP instances, ZeroMQ scripts, and extensive tagging features to create a streamlined curation process that saves time and provides actionable intelligence. Gain insights into establishing a full threat intelligence feedback loop between SOC, incident response, and malware analysis teams. Walk away with practical knowledge on replicating NVISO's functional MISP architecture and operational curation process to enhance your organization's threat intelligence workflow.
In Curation We Trust - Generating Contextual and Actionable Threat Intelligence
BruCON Security Conference via YouTube
Overview
Syllabus
12 - BruCON 0x0E - In Curation We Trust: Generating Contextual & Actionable Threat Intelligence - Coene & Nixon
Taught by
BruCON Security Conference