MISP
/
misp-training
mirror of https://github.com/MISP/misp-training
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [what is misp] intro deck added

pull/24/head
iglocska 2023-09-30 11:07:13 +02:00
parent 9f4ac1d8d5
commit c1b7ec1dfb
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
0.1-what-is-misp/content.tex
View File

@ -14,7 +14,7 @@
\begin{itemize} \begin{itemize}
\item National CERT for the private sector, communes, non-govermental entities in Luxembourg \item National CERT for the private sector, communes, non-govermental entities in Luxembourg
\item Government-driven initiative, funded by the Ministry of Economy \item Government-driven initiative, funded by the Ministry of Economy
\item Mission is to provide a systematic response facility to computer security threats and incidents \item Mission is to provide a systematic response to computer security threats and incidents
\item Open Source toolsmiths \item Open Source toolsmiths
\end{itemize} \end{itemize}
\item Our relationship with MISP has two sides \item Our relationship with MISP has two sides
@ -109,8 +109,8 @@
\item {\bf Trust groups} running MISP communities in island mode (air gapped system) or partially connected mode. \item {\bf Trust groups} running MISP communities in island mode (air gapped system) or partially connected mode.
\item {\bf Financial sector} (banks, ISACs, payment processing organizations) use MISP as a sharing mechanism. \item {\bf Financial sector} (banks, ISACs, payment processing organizations) use MISP as a sharing mechanism.
\item {\bf Military and international organizations} (NATO, military CSIRTs, n/g CERTs,...). \item {\bf Military and international organizations} (NATO, military CSIRTs, n/g CERTs,...).
\item {\bf Security vendors} running their own communities or interfacing with MISP communities. \item {\bf Security vendors} running their own communities.
\item {\bf Sectorial communities} Telcoes, ISPs, Medical services, Air traffic control, ... \item {\bf Sectorial communities} Telcoes, ISPs, Medical, ATF, ...
\item {\bf Topical communities} set up to tackle individual specific issues (disinformation, SIGINT, COVID-19, ...) \item {\bf Topical communities} set up to tackle individual specific issues (disinformation, SIGINT, COVID-19, ...)
\end{itemize} \end{itemize}
\end{frame} \end{frame}
@ -127,7 +127,7 @@
\begin{frame} \begin{frame}
\frametitle{Information quality management} \frametitle{Information quality management}
\begin{itemize} \begin{itemize}
\item What do we consider {\bf actionable itelligence}? \item What do we consider {\bf actionable intelligence}?
\begin{itemize} \begin{itemize}
\item Conflicting requirements - analyst work vs automated blocking for example \item Conflicting requirements - analyst work vs automated blocking for example
\end{itemize} \end{itemize}
@ -231,7 +231,7 @@
\item Highly configurable per community need \item Highly configurable per community need
\begin{itemize} \begin{itemize}
\item Hundreds of {\bf configuration options} to manage MISP behaviours \item Hundreds of {\bf configuration options} to manage MISP behaviours
\item Hooking and modifying {\bf core cuntionalities via Workflows} \item Hooking and modifying {\bf core funtionalities via Workflows}
\item Custom modules via companion system ({\bf MISP-modules}) \item Custom modules via companion system ({\bf MISP-modules})
\item {\bf Modular} parts of the {\bf codebase} (e-mail templates, dashboard elements, import/export functions) \item {\bf Modular} parts of the {\bf codebase} (e-mail templates, dashboard elements, import/export functions)
\item If all of that is not enough - extensive {\bf Python library} support for DIY fans :) \item If all of that is not enough - extensive {\bf Python library} support for DIY fans :)