Target audience: Security Software Developers or Opertional Security DevOps
Duration: 1 day
Level: Good knowledge of information security fundamentals
In a continuous effort since 2016, CIRCL frequently gives training sessions about MISP (Malware Information Sharing Platform & Threat Sharing). The purpose is to reach out to security analysts using MISP as a threat intelligence platform along with users using it as an information sharing platform. This is an opportunity for the users to meet the developers and exchange about potential improvements or use-cases using MISP as a threat-intelligence platform.
MISP is an advanced platform for sharing, storing and correlating Indicators of Compromises (IOCs) from attacks and cybersecurity threats. Today, MISP is used in multiple organizations to store, share, collaborate on malware, and also to use the IOCs to detect and prevent attacks. The aim of this trusted platform is to help improving the countermeasures used against targeted attacks and set up preventive actions. MISP becomes a full-feature information and threat sharing platform to support operational and tactical cybersecurity intelligence.
The MISP training will demonstrate how the platform functions; explain how to share, comment and contribute data, and describe the future developments. This part of the training focuses on the extension aspects of MISP including API, ZMQ or even contributing in the core software. The audience intended for this training are the analysts with some software engineering experience who are willing to expand MISP to suit their integration or extension requirements.
The training is free but there is a no-show fee of 30,- EUR if you register and don’t join us at the training.
- MISP interfaces and API. How to use and extend MISP to support your information security operational teams using programmatic interfaces.
- Be part of the MISP future, how to contribute to MISP not only as a developer but as an active contributor (from documentation to taxonomies).
The training will show the platform, its functionalities and demonstrate how to benefit most from sharing, commenting and contributing on it. At the end of the day, every participant will be knowledgeable in information sharing about cybersecurity threats and become a proficient MISP user and threat intel handler.
- Your physical presence
- A computer capable of running a virtual machine image
For detailed information see our online MISP training materials
As this is a technical workshop, attendees are expected to bring their own laptop to the course.
Who benefits most from this training:
Everyone interested in the concepts, adminstration, maintenance, usage and API usage of MISP.
- Your physical presence
- A computer capable of running a MISP, for instance natively or in a virtual machine (image available: from https://circl.lu/services/misp-training-materials/)
For more information: https://www.circl.lu/services/misp-training-materials/
This is an 8 hour training.
What is included:
- Training material
- Light lunch
Request more information : firstname.lastname@example.org