MISP
/
misp-training
mirror of https://github.com/MISP/misp-training
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:MISP/misp-training

changes-actionable
iglocska 2019-10-16 01:40:00 +02:00
parent f8fdedfd11 a78faa041b
commit e2835ad6cf
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
4 changed files with 23 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
3.2-misp-galaxy/content.tex
View File

@ -238,23 +238,29 @@
\end{adjustbox} \end{adjustbox}
\end{frame} \end{frame}
\begin{frame}[fragile]
\frametitle{Galaxy JSON matrix-like}
\includegraphics[width=0.9\linewidth]{screenshots/galaxy-matrix.png}
\end{frame}
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{Galaxy JSON matrix-like} \frametitle{Galaxy JSON matrix-like}
\begin{adjustbox}{keepaspectratio} \begin{adjustbox}{keepaspectratio}
\begin{lstlisting}[language=json,firstnumber=1] %\lstset{emph={kill_chain_order},emphstyle=\textbf}
\begin{lstlisting}[language=json,firstnumber=1,escapechar=@]
{ {
"description": "Universal Development and Security Guidelines as Applicable to Election Technology.", "description": "Universal Development and Security Guidelines as Applicable to Election Technology.",
"icon": "map", "icon": "map",
"kill_chain_order": { @\textbf{\color{red}"kill\_chain\_order": \{}@ @\textbf{\color{black}\textbackslash\textbackslash Tab in the matrix}@
"example-of-threats": [ @\textbf{\color{red}"example-of-threats": [}@ @\textbf{\color{black}\textbackslash\textbackslash Column in the matrix}@
"setup | party/candidate-registration", @\textbf{\color{red}"setup | party/candidate-registration",}@
"setup | electoral-rolls", @\textbf{\color{red}"setup | electoral-rolls",}@
"campaign | campaign-IT", @\textbf{\color{red}"campaign | campaign-IT",}@
"all-phases | governement-IT", @\textbf{\color{red}"all-phases | governement-IT",}@
"voting | election-technology", @\textbf{\color{red}"voting | election-technology",}@
"campaign/public-communication | media/press" @\textbf{\color{red}"campaign/public-communication | media/press"}@
] @\textbf{\color{red}]}@
}, @\textbf{\color{red}\},}@
"name": "Election guidelines", "name": "Election guidelines",
"namespace": "misp", "namespace": "misp",
"type": "guidelines", "type": "guidelines",
@ -268,14 +274,14 @@
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{Cluster JSON matrix-like} \frametitle{Cluster JSON matrix-like}
\begin{adjustbox}{keepaspectratio} \begin{adjustbox}{keepaspectratio}
\begin{lstlisting}[language=json,firstnumber=1] \begin{lstlisting}[language=json,firstnumber=1, escapechar=@]
{ {
"description": "DoS or overload of party/campaign registration, causing them to miss the deadline", "description": "DoS or overload of party/campaign registration, causing them to miss the deadline",
"meta": { "meta": {
"date": "March 2018.", "date": "March 2018.",
"kill_chain": [ @\textbf{\color{red}"kill\_chain": [}@ @\textbf{\color{black}\textbackslash\textbackslash Define in which column the cluster should be placed}@
"example-of-threats:setup | party/candidate-registration" @\textbf{\color{red} "example-of-threats:setup | party/candidate-registration"}@
], @\textbf{\color{red}],}@
"refs": [ "refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
] ]

BIN
3.2-misp-galaxy/screenshots/galaxy-matrix.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 63 KiB

1
README.md
View File

@ -32,6 +32,7 @@ given to the materials. We welcome contributions in order to improve the trainin
| [a.5-decaying-indicators](https://www.misp-project.org/misp-training/a.5-decaying-indicators.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.5-decaying-indicators) | | [a.5-decaying-indicators](https://www.misp-project.org/misp-training/a.5-decaying-indicators.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.5-decaying-indicators) |
| [a.6-forensic](https://www.misp-project.org/misp-training/a.6-forensic.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.6-forensic) | | [a.6-forensic](https://www.misp-project.org/misp-training/a.6-forensic.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.6-forensic) |
| [a.7-rest-API](https://www.misp-project.org/misp-training/a.7-rest-API.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.7-rest-API) | | [a.7-rest-API](https://www.misp-project.org/misp-training/a.7-rest-API.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.7-rest-API) |
| [a.8-dev-hands-on.pdf](https://www.misp-project.org/misp-training/a.8-dev-hands-on.pdf) | [source](https://github.com/MISP/misp-training/tree/master/a.8-dev-hands-on) |
| [b.1-best-practices-in-threat-intelligence](https://www.misp-project.org/misp-training/b.1-best-practices-in-threat-intelligence.pdf) | [source](https://github.com/MISP/misp-training/tree/master/best-practices-in-threat-intelligence) | [b.1-best-practices-in-threat-intelligence](https://www.misp-project.org/misp-training/b.1-best-practices-in-threat-intelligence.pdf) | [source](https://github.com/MISP/misp-training/tree/master/best-practices-in-threat-intelligence)
### Complementary materials ### Complementary materials

2
build.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# #
slidedecks=("0-misp-introduction-to-information-sharing" "1-misp-usage" "1.2-misp-integration" "1.1-misp-viper-integration" "1.2.1-misp-integration-mail2misp" "2-misp-administration" "3-misp-taxonomy-tagging" "3.1-misp-modules" "3.2-misp-galaxy" "3.3-misp-object-template" "6.0-misp-dashboard" "a.0-contributing" "a.1-devintro" "a.2-pymisp" "a.3-misp-feed" "a.4-best-practices" "a.5-decaying-indicators" "a.6-forensic" "a.7-rest-API" "b.1-best-practices-in-threat-intelligence") slidedecks=("0-misp-introduction-to-information-sharing" "1-misp-usage" "1.2-misp-integration" "1.1-misp-viper-integration" "1.2.1-misp-integration-mail2misp" "2-misp-administration" "3-misp-taxonomy-tagging" "3.1-misp-modules" "3.2-misp-galaxy" "3.3-misp-object-template" "6.0-misp-dashboard" "a.0-contributing" "a.1-devintro" "a.2-pymisp" "a.3-misp-feed" "a.4-best-practices" "a.5-decaying-indicators" "a.6-forensic" "a.7-rest-API" "b.1-best-practices-in-threat-intelligence" "a.8-dev-hands-on")
mkdir output mkdir output
export TEXINPUTS=::`pwd`/themes/ export TEXINPUTS=::`pwd`/themes/
echo ${TEXINPUTS} echo ${TEXINPUTS}