\frametitle{MISP and Starting from a Practical Use-Case}
\begin{itemize}
\item In 2012, during a malware analysis workgroup, we realized that multiple analysts were working independently on the same malware.
\item To streamline our efforts and avoid redundancy, we sought a {\bf method for easy and automated information sharing}.
\item Christophe Vandeplas, then employed at the Belgian Ministry of Defense, presented his preliminary work on what would eventually evolve into the MISP platform.
\item An initial version of the MISP platform was adopted by the MALWG, and the valuable feedback from users fueled further development and enhancements.
\item Today, MISP has grown into a platform driven by {\bf community development}.
The Computer Incident Response Center Luxembourg (CIRCL)\footnote{\url{https://www.circl.lu/}} is a government-driven initiative designed to provide a systematic response facility to computer security threats and incidents. CIRCL is the CERT for the private sector, communes and non-governmental entities in Luxembourg and is operated by Luxembourg House of Cybersecurity (LHC) g.i.e.
\item CIRCL is mandated by the Ministry of Economy and acting as the Luxembourg National CERT for private sector (under the NIS directive).
\item CIRCL leads the development of the Open Source MISP threat intelligence platform which is used by many military or intelligence communities, private companies, financial sector, National CERTs and LEAs globally.
\item{\bf CIRCL runs multiple large MISP communities performing active daily threat-intelligence sharing}.
\frametitle{Evolving Military Use Cases with MISP}
\begin{itemize}
\item MISP's versatile standard\footnote{\url{https://www.misp-standard.org/}} seamlessly integrates with military protocols, enhancing interoperability.
\item Supports diverse intelligence inputs, including {\bf HUMINT} (Human Intelligence), {\bf SIGINT} (Signals Intelligence), and {\bf OSINT} (Open Source Intelligence), within the MISP framework.
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{SIGINT - MISP Integration with SigMF}
\begin{itemize}
\item MISP has added support for the Signal Metadata Format Specification (SigMF)\footnote{\url{https://www.misp-project.org/2023/08/23/MISP_now_supports_Signal_Metadata_Format_Specification_SigMF.html/}}, used widely in {\bf software-defined radio and signal processing}.
\item New SigMF-related object templates introduced:
\begin{itemize}
\item SigMF Recording
\item SigMF Archive
\item SigMF Expanded Recording
\end{itemize}
\item Enrichment features in MISP allow expansion of SigMF recordings, aiding in data analysis and integration of signal metadata into MISP attributes.
\item This integration facilitates improved search capabilities and data analysis within MISP.
\item The MISP standard is extensible; objects can be easily created to cover specific use cases.
\item Military organizations often have their own unique data models.
\item The MISP standard includes 344\footnote{\url{https://www.misp-project.org/objects.html}} default object templates, many of which are applicable to HUMINT.
