Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

How I've Broken Every Threat Intel Platform and Settled on MISP

Cooper via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a conference talk that delves into the challenges of categorizing, storing, and operationalizing various sources of intelligence in enterprise environments. Learn about the design flaws in many intel platforms and the importance of correlating diverse data points like IP addresses, hostnames, file names, and TLS certificates into common events for effective threat intelligence. Discover the speaker's journey in finding a suitable platform to store a large malware configuration database, ultimately settling on MISP. Gain insights into shifting the paradigm from indicators to events as the starting point for threat intelligence work, emphasizing the significance of retaining, analyzing, and correlating the relationships between all observables in an attack. The talk is presented by John Bambenek, an experienced cybersecurity professional with extensive background in threat research, incident handling, and intelligence dataset production.

Syllabus

Hack.lu 2017 How I’ve Broken Every Threat Intel Platform I’ve Ever Had (And Settled on MISP)

Taught by

Cooper

Reviews

Start your review of How I've Broken Every Threat Intel Platform and Settled on MISP

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.