mirror of https://github.com/MISP/misp-training
add: [misp-stix] Added slides
parent
192dd6bc9f
commit
12fe818363
|
@ -0,0 +1,3 @@
|
||||||
|
export TEXINPUTS=::~/git/misp-training/themes/
|
||||||
|
echo ${TEXINPUTS}
|
||||||
|
pdflatex slide.tex
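Review bot: The `TEXINPUTS` value on the first line is pinned to one checkout location, `~/git/misp-training/themes/`, so on any other machine pdflatex either picks up whatever theme is elsewhere on its search path or fails; every file found through `TEXINPUTS` is run as TeX macro code, so the path is better derived from the repository itself, e.g. `export TEXINPUTS="::$(git rev-parse --show-toplevel)/themes/"`. The script has no shebang and no `set -e`, and beamer normally needs a second `pdflatex` pass before the navigation data settles. The run leaves `.aux`/`.nav` output beside the sources, and files of that kind appear to be added by this same commit; a `.gitignore` entry would keep them out of the tree.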
|
|
@ -0,0 +1,45 @@
|
||||||
|
\relax
|
||||||
|
\providecommand\hyper@newdestlabel[2]{}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{1}{1/1}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {1}{1}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{2}{2/2}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {2}{2}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{3}{3/3}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {3}{3}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{4}{4/4}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {4}{4}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{5}{5/5}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {5}{5}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{6}{6/6}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {6}{6}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{7}{7/7}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {7}{7}}}
|
||||||
|
\@writefile{nav}{\headcommand {\slideentry {0}{0}{8}{8/8}{}{0}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@framepages {8}{8}}}
|
||||||
|
\@setckpt{content}{
|
||||||
|
\setcounter{page}{9}
|
||||||
|
\setcounter{equation}{0}
|
||||||
|
\setcounter{enumi}{0}
|
||||||
|
\setcounter{enumii}{0}
|
||||||
|
\setcounter{enumiii}{0}
|
||||||
|
\setcounter{enumiv}{0}
|
||||||
|
\setcounter{footnote}{3}
|
||||||
|
\setcounter{mpfootnote}{0}
|
||||||
|
\setcounter{beamerpauses}{1}
|
||||||
|
\setcounter{bookmark@seq@number}{0}
|
||||||
|
\setcounter{lecture}{0}
|
||||||
|
\setcounter{part}{0}
|
||||||
|
\setcounter{section}{0}
|
||||||
|
\setcounter{subsection}{0}
|
||||||
|
\setcounter{subsubsection}{0}
|
||||||
|
\setcounter{subsectionslide}{8}
|
||||||
|
\setcounter{framenumber}{7}
|
||||||
|
\setcounter{figure}{0}
|
||||||
|
\setcounter{table}{0}
|
||||||
|
\setcounter{parentequation}{0}
|
||||||
|
\setcounter{theorem}{0}
|
||||||
|
\setcounter{realframenumber}{7}
|
||||||
|
\setcounter{lstnumber}{1}
|
||||||
|
\setcounter{section@level}{0}
|
||||||
|
\setcounter{lstlisting}{0}
|
||||||
|
}
|
|
@ -0,0 +1,123 @@
|
||||||
|
% DO NOT COMPILE THIS FILE DIRECTLY!
|
||||||
|
% This is included by the other .tex files.
|
||||||
|
|
||||||
|
\begin{frame}[t,plain]
|
||||||
|
\titlepage
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{MISP \& STIX}
|
||||||
|
\begin{itemize}
|
||||||
|
\item{\bf Built-in integration}
|
||||||
|
\item Export \& Import features
|
||||||
|
\begin{itemize}
|
||||||
|
\item Export MISP Events collections
|
||||||
|
\item Import STIX files
|
||||||
|
\end{itemize}
|
||||||
|
\item Supported version
|
||||||
|
\begin{itemize}
|
||||||
|
\item STIX 1.1.1
|
||||||
|
\item STIX 2.0
|
||||||
|
\end{itemize}
|
||||||
|
\item Accessible via restSearch
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{Limitations}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Feature limitations
|
||||||
|
\begin{itemize}
|
||||||
|
\item Supported versions
|
||||||
|
\item Data type support
|
||||||
|
\end{itemize}
|
||||||
|
\item []
|
||||||
|
\item Practical limitations
|
||||||
|
\begin{itemize}
|
||||||
|
\item Export and import features only available via MISP rest client
|
||||||
|
\item {\bf Github}: STIX issues lost within the MISP core issues
|
||||||
|
\end{itemize}
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{Handling the conversion with a python library}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Revamp of the source code
|
||||||
|
\item Enable a standalone use of the python code
|
||||||
|
\begin{itemize}
|
||||||
|
\item MISP JSON format -> STIX
|
||||||
|
\item Pass files with MISP JSON format -> get file with the export results in STIX
|
||||||
|
\end{itemize}
|
||||||
|
\item []
|
||||||
|
\item Possible integration within python code
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{Key features}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Support all the STIX versions
|
||||||
|
\begin{itemize}
|
||||||
|
\item {\bf STIX 2.1 Support}
|
||||||
|
\item 1.1.1, 1.2, 2.0 Support enhanced
|
||||||
|
\end{itemize}
|
||||||
|
\item Various MISP data collection supported
|
||||||
|
\item[]
|
||||||
|
\item {\bf Mapping documentation}
|
||||||
|
\item Package available on PyPI\footnote{https://pypi.org/project/misp-stix/}
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{Work in Progress \& Next improvements}
|
||||||
|
\begin{itemize}
|
||||||
|
\item WiP
|
||||||
|
\begin{itemize}
|
||||||
|
\item {\bf Implement the import feature}
|
||||||
|
\item Support of existing STIX objects libraries\footnote{https://github.com/mitre/cti}
|
||||||
|
\end{itemize}
|
||||||
|
\item Next features on the roadmap
|
||||||
|
\begin{itemize}
|
||||||
|
\item Extend the export feature to any kind of data collection
|
||||||
|
\item Support custom STIX format\footnote{Especially while importing STIX data, {\bf and as long as we can implement support of well defined versions}}
|
||||||
|
\end{itemize}
|
||||||
|
\item Continuous improvement
|
||||||
|
\begin{itemize}
|
||||||
|
\item Mapping improvement
|
||||||
|
\item More tests to avoid edge case issues
|
||||||
|
\end{itemize}
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{How to report bugs/issues}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Github issues
|
||||||
|
\begin{itemize}
|
||||||
|
\item {\bf https://github.com/MISP/misp-stix/issues}
|
||||||
|
\item https://github.com/MISP/MISP/issues
|
||||||
|
\end{itemize}
|
||||||
|
\item []
|
||||||
|
\item Please provide details
|
||||||
|
\begin{itemize}
|
||||||
|
\item How did the issue happen
|
||||||
|
\item {\bf Recommandation}: provide samples
|
||||||
|
\end{itemize}
|
||||||
|
\item[]
|
||||||
|
\item Any feedback welcome
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}
|
||||||
|
\frametitle{To get in touch with us}
|
||||||
|
\begin{itemize}
|
||||||
|
\item \url{https://github.com/MISP/misp-stix}
|
||||||
|
\item \url{https://github.com/MISP/misp-stix/tree/main/documentation}
|
||||||
|
\item []
|
||||||
|
\item \url{https://github.com/MISP}
|
||||||
|
\item \url{https://www.misp-project.org/}
|
||||||
|
\item \url{https://twitter.com/MISPProject}
|
||||||
|
\item \url{https://twitter.com/chrisred_68}
|
||||||
|
\end{itemize}
|
||||||
|
\end{frame}
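Review bot: The `->` in the two sub-items of the "Handling the conversion with a python library" frame is typed in text mode, where under the default OT1 font encoding `>` prints as `¿`; unless the theme switches to T1, write `$\rightarrow$` there (the subtitle `MISP <-> STIX` in the main file has the same issue and would take `$\leftrightarrow$`). The links in the footnotes and on the "How to report bugs/issues" frame are bare text while the last frame uses `\url{...}`; wrapping them the same way makes them clickable and lets them break across lines. `Recommandation` should read `Recommendation`, and `{\bf ...}` is the obsolete form of `\textbf{...}`.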
|
Binary file not shown.
|
@ -0,0 +1,27 @@
|
||||||
|
\relax
|
||||||
|
\providecommand\hyper@newdestlabel[2]{}
|
||||||
|
\providecommand\HyperFirstAtBeginDocument{\AtBeginDocument}
|
||||||
|
\HyperFirstAtBeginDocument{\ifx\hyper@anchor\@undefined
|
||||||
|
\global\let\oldcontentsline\contentsline
|
||||||
|
\gdef\contentsline#1#2#3#4{\oldcontentsline{#1}{#2}{#3}}
|
||||||
|
\global\let\oldnewlabel\newlabel
|
||||||
|
\gdef\newlabel#1#2{\newlabelxx{#1}#2}
|
||||||
|
\gdef\newlabelxx#1#2#3#4#5#6{\oldnewlabel{#1}{{#2}{#3}}}
|
||||||
|
\AtEndDocument{\ifx\hyper@anchor\@undefined
|
||||||
|
\let\contentsline\oldcontentsline
|
||||||
|
\let\newlabel\oldnewlabel
|
||||||
|
\fi}
|
||||||
|
\fi}
|
||||||
|
\global\let\hyper@last\relax
|
||||||
|
\gdef\HyperFirstAtBeginDocument#1{#1}
|
||||||
|
\providecommand\HyField@AuxAddToFields[1]{}
|
||||||
|
\providecommand\HyField@AuxAddToCoFields[2]{}
|
||||||
|
\providecommand\BKM@entry[2]{}
|
||||||
|
\@input{content.aux}
|
||||||
|
\pgfsyspdfmark {pgfid1}{1398509}{16636717}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@partpages {1}{8}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@subsectionpages {1}{8}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@sectionpages {1}{8}}}
|
||||||
|
\@writefile{nav}{\headcommand {\beamer@documentpages {8}}}
|
||||||
|
\@writefile{nav}{\headcommand {\gdef \inserttotalframenumber {7}}}
|
||||||
|
\gdef \@abspage@last{8}
|
File diff suppressed because it is too large
|
@ -0,0 +1,21 @@
|
||||||
|
\headcommand {\slideentry {0}{0}{1}{1/1}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {1}{1}}
|
||||||
|
\headcommand {\slideentry {0}{0}{2}{2/2}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {2}{2}}
|
||||||
|
\headcommand {\slideentry {0}{0}{3}{3/3}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {3}{3}}
|
||||||
|
\headcommand {\slideentry {0}{0}{4}{4/4}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {4}{4}}
|
||||||
|
\headcommand {\slideentry {0}{0}{5}{5/5}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {5}{5}}
|
||||||
|
\headcommand {\slideentry {0}{0}{6}{6/6}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {6}{6}}
|
||||||
|
\headcommand {\slideentry {0}{0}{7}{7/7}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {7}{7}}
|
||||||
|
\headcommand {\slideentry {0}{0}{8}{8/8}{}{0}}
|
||||||
|
\headcommand {\beamer@framepages {8}{8}}
|
||||||
|
\headcommand {\beamer@partpages {1}{8}}
|
||||||
|
\headcommand {\beamer@subsectionpages {1}{8}}
|
||||||
|
\headcommand {\beamer@sectionpages {1}{8}}
|
||||||
|
\headcommand {\beamer@documentpages {8}}
|
||||||
|
\headcommand {\gdef \inserttotalframenumber {7}}
|
Binary file not shown.
|
@ -0,0 +1,24 @@
|
||||||
|
\documentclass{beamer}
|
||||||
|
\usetheme[numbering=progressbar]{focus}
|
||||||
|
\definecolor{main}{RGB}{47, 161, 219}
|
||||||
|
\definecolor{textcolor}{RGB}{128, 128, 128}
|
||||||
|
\definecolor{background}{RGB}{240, 247, 255}
|
||||||
|
|
||||||
|
\usepackage[utf8]{inputenc}
|
||||||
|
\usepackage{tikz}
|
||||||
|
\usepackage{listings}
|
||||||
|
\usetikzlibrary{positioning}
|
||||||
|
\usetikzlibrary{shapes,arrows}
|
||||||
|
|
||||||
|
|
||||||
|
\title{MISP-STIX Project}
|
||||||
|
\subtitle{Python library to convert MISP <-> STIX}
|
||||||
|
\author{MISP core team \\ \emph{TLP:WHITE}}
|
||||||
|
\date{MISP Training}
|
||||||
|
\titlegraphic{\includegraphics[scale=0.55]{misp.pdf}}
|
||||||
|
\institute{MISP Project \\ \url{https://www.misp-project.org/}}
|
||||||
|
|
||||||
|
|
||||||
|
\begin{document}
|
||||||
|
\include{content}
|
||||||
|
\end{document}
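Review bot: `\include{content}` forces a page break and writes a separate `content.aux`, which is not needed for a single body file whose own header says it is "included by the other .tex files"; `\input{content}` is the usual choice here. The author line carries `TLP:WHITE`; if the deck is meant to follow TLP 2.0, the current label is `TLP:CLEAR`, so this is worth confirming against the date of the training material.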
|