MISP
/
misp-training
mirror of https://github.com/MISP/misp-training
2
0
Fork 0
Code Issues Releases Wiki Activity

chg:[attack] add an intro to MISP galaxy

pull/25/head
Alexandre Dulaunoy 2024-05-16 13:10:26 +02:00
parent 1ae215553d
commit c289800fb9
2 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
x.17-eu-attack-community/content.tex
View File

@ -5,6 +5,20 @@
\titlepage \titlepage
\end{frame} \end{frame}
\begin{frame}
\frametitle{What is a MISP Galaxy?}
\begin{itemize}
\item MISP Galaxy is a feature in MISP and a MISP standard\footnote{\url{https://www.misp-standard.org/}} format to create {\bf contextualization libraries}.
\begin{itemize}
\item There are two main types: \textbf{combined list} or \textbf{matrix-like list}.
\end{itemize}
\item The first historical matrix-like galaxy was MITRE ATT\&CK\footnote{Presented at the first EU ATT\&CK community meeting in Luxembourg}.
\item Galaxies contain intelligence that can be \textbf{structured} in a matrix-like format. Relationships between models can be created, and implementation such as in MISP allows for the \textbf{forking and sharing of information}. This is typically attached to intelligence in threat intelligence platforms to add context.
\end{itemize}
\end{frame}
\begin{frame} \begin{frame}
\frametitle{MISP galaxies over time} \frametitle{MISP galaxies over time}
\begin{center} \begin{center}

BIN
x.17-eu-attack-community/slide.pdf
View File

Binary file not shown.