mirror of https://github.com/MISP/misp-training
chg: [attack] updated slides
parent
0561d35248
commit
2383d86b84
|
@ -31,7 +31,8 @@
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Seeing the success of the ATT\&CK framework in MISP gave rise to a host of matrix-based models:
|
\item Seeing the success of the ATT\&CK framework in MISP gave rise to a host of matrix-based models:
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Inflation? We don’t think so. There are {\bf different models} because there are many {\bf different use cases to be represented}.
|
\item Inflation? We don’t think so.
|
||||||
|
\item There are {\bf different models} because there are many {\bf different use cases to be represented}.
|
||||||
\item We found this to be good as long as those models are maintained.
|
\item We found this to be good as long as those models are maintained.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
@ -40,7 +41,7 @@
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{MISP galaxies over time}
|
\frametitle{MISP galaxies over time}
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\includegraphics[scale=0.13]{./screenshots/timeline.png}
|
\includegraphics[scale=0.16]{./screenshots/timeline.png}
|
||||||
\end{center}
|
\end{center}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
|
@ -77,8 +78,12 @@
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Interaction with the framework owner.
|
\item Interaction with the framework owner.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item Create the conversion script.
|
\item Create the conversion script, or do by hand.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
\begin{center}
|
||||||
|
\includegraphics[scale=0.3]{./screenshots/uuid-extraction.png}
|
||||||
|
\includegraphics[scale=0.3]{./screenshots/uuid-generation.png}
|
||||||
|
\end{center}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
|
@ -94,8 +99,8 @@
|
||||||
\item Create specific tooling to help or partially automate the creation of relations.
|
\item Create specific tooling to help or partially automate the creation of relations.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\includegraphics[scale=0.2]{./screenshots/rel-gen-example.png}
|
\includegraphics[scale=0.35]{./screenshots/rel-gen-example.png}
|
||||||
\includegraphics[scale=0.2]{./screenshots/rel-gen-help.png}
|
% \includegraphics[scale=0.3]{./screenshots/rel-technique-re-search.png}
|
||||||
\end{center}
|
\end{center}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
|
@ -112,6 +117,9 @@
|
||||||
\item Conversion script breaks.
|
\item Conversion script breaks.
|
||||||
\item Keeping contributed relationships.
|
\item Keeping contributed relationships.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
\begin{center}
|
||||||
|
\includegraphics[scale=0.3]{./screenshots/new-uuids-everywhere.png}
|
||||||
|
\end{center}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
|
@ -152,11 +160,11 @@
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{10 Golden Rules for Framework Creators (Community)}
|
\frametitle{10 Golden Rules for Framework Creators (Community)}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item 1. Publish and communicate.
|
\item 6. Publish and communicate.
|
||||||
\item 2. Update regularly.
|
\item 7. Update regularly.
|
||||||
\item 3. Encourage third-party contributions.
|
\item 8. Encourage third-party contributions.
|
||||||
\item 4. Expand existing frameworks.
|
\item 9. Expand existing frameworks.
|
||||||
\item 5. Collaborate with other framework creators.
|
\item 10. Collaborate with other framework creators.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 178 KiB After Width: | Height: | Size: 54 KiB |
Binary file not shown.
Before Width: | Height: | Size: 388 KiB After Width: | Height: | Size: 313 KiB |
Loading…
Reference in New Issue