wip

b.4-turning-data-into-actionable-intelligence-short/content.tex

@@ -26,7 +26,8 @@
 \begin{frame}
 \frametitle{What is MISP?}
 \begin{itemize}
-       \item Open source "TISP"
+       \item Open source "TISP" - A TIP with a strong focus on sharing
+       \item Thanks to Andreas we don't have to explain what a TIP is... :) 
        \item A tool that {\bf collects} information from partners, your analysts, your tools, feeds
        \item Normalises, correlates, enriches the data
        \item Allows teams and communities to {\bf collaborate}
@@ -44,7 +45,7 @@
                 \item Distinguish between information of interest and raw data
                 \item {\bf False-positive} management
                 \item TTPs and aggregate information may be prevalent compared to raw data (risk assessment)
-                \item {\bf Increased data volumes} leads to be able to prioritise
+                \item {\bf Increased data volumes} leads to a need to be able to prioritise
 	\end{itemize}
 	\item These help with filtering your TI based on your {\bf requirements}...
 	\item ...as highlighted by Pasquale Stirparo \textit{Your Requirements Are Not My Requirements}
@@ -188,6 +189,7 @@
 \begin{frame}
   \frametitle{A brief history of time - Adding temporality to our data}
   \begin{itemize}
+    \item As Andreas mentioned before us - the lack of the time based aspect was painful at times
     \item Recently introduced {\bf \texttt{first\_seen}} and {\bf \texttt{last\_seen}} data points
     \item Along with a complete integration with the {\bf UI}
     \item Enables the {\bf visualisation} and {\bf adjustment} of indicators timeframes