mirror of https://github.com/MISP/misp-training
small changes
parent
0701100dfa
commit
01510e93c9
|
@ -25,9 +25,9 @@
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{The aim of this presentation}
|
\frametitle{The aim of this presentation}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item To give some insight into what sort of an evolution of our various communities' have gone through as observed over the past ~8 years
|
\item To give some insight into what sort of an evolution of our various communities' have gone through as observed over the past 8 years
|
||||||
\item Show the importance of strong contextualisation...
|
\item Show the importance of {\bf strong contextualisation}...
|
||||||
\item ...and how that can be leveraged when trying to make our data actionable
|
\item ...and how that can be leveraged when trying to make our data {\bf actionable}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
|
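Review bot: The first \item is still ungrammatical after this edit: "what sort of an evolution of our various communities' have gone through" keeps the stray apostrophe and the extra "of". Suggest "what sort of evolution our various communities have gone through as observed over the past 8 years". Dropping the "~" also removes the only hint that the figure was approximate (a bare ~ in LaTeX is a non-breaking space, so it never rendered as a tilde); if it is approximate, say "roughly 8 years" or use \textasciitilde.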
@ -83,11 +83,11 @@
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item There were separate factors that made our data-sets less and less useful for detection/defense in general
|
\item There were separate factors that made our data-sets less and less useful for detection/defense in general
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Growth of our communities
|
\item {\bf Growth of our communities}
|
||||||
\item Distinguish between information of interest and raw data
|
\item Distinguish between information of interest and raw data
|
||||||
\item False positive management
|
\item {\bf False-positive} management
|
||||||
\item TTPs and aggregate information may be prevalent compared to raw data (risk assessment)
|
\item TTPs and aggregate information may be prevalent compared to raw data (risk assessment)
|
||||||
\item Increased data volumes leads to be able to prioritise
|
\item {\bf Increased data volumes} leads to be able to prioritise
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
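Review bot: The last sub-item, "{\bf Increased data volumes} leads to be able to prioritise", gains emphasis but keeps wording that does not parse: a plural subject with "leads", and "to be able to prioritise" has no clear reading. Since the line is touched anyway, reword it in the same commit, for example "{\bf Increased data volumes} lead to a need to prioritise", if that is the intended meaning.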
@ -150,7 +150,7 @@
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{We were still missing something...}
|
\frametitle{We were still missing something...}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Taxonomy tags were in some cases non self-explanatory
|
\item Taxonomy tags often {\bf non self-explanatory}
|
||||||
\item Example: universal understanding of tlp:green vs APT 28
|
\item Example: universal understanding of tlp:green vs APT 28
|
||||||
\item For the latter, a single string was ill-suited
|
\item For the latter, a single string was ill-suited
|
||||||
\item So we needed something new in addition to taxonomies - \textbf{Galaxies}
|
\item So we needed something new in addition to taxonomies - \textbf{Galaxies}
|
||||||
|
|
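Review bot: The changed first \item alters the claim, not just the styling: "were in some cases" becomes "often", and the verb is dropped, which is more than the "small changes" the commit message describes. If the stronger statement is intended, keep the verb: "Taxonomy tags were often \textbf{non self-explanatory}". The new line also uses {\bf ...} while the unchanged Galaxies item in the same frame uses \textbf{...}; use \textbf here and in the other lines this commit touches for consistency.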