Alexandre Dulaunoy ffb008e7b0 | ||
---|---|---|
0-intro-shorter | ||
0-misp-introduction-to-information-sharing | ||
0.1-what-is-misp | ||
1-misp-usage | ||
1.1-misp-viper-integration | ||
1.2-misp-integration | ||
1.2.1-misp-integration-mail2misp | ||
2-misp-administration | ||
3-misp-taxonomy-tagging | ||
3.1-misp-modules | ||
3.2-misp-galaxy | ||
3.3-misp-object-template | ||
4-misp-standard | ||
6.0-misp-dashboard | ||
202305-NATO-MUG-update | ||
20220615-NATO-MUG-UPDATE | ||
20221116-NATO-MUG | ||
20230930-cakefest | ||
20241010-libreoffice | ||
MUG/NATO | ||
a.0-contributing | ||
a.1-devintro | ||
a.2-pymisp | ||
a.3-misp-feed | ||
a.4-best-practices | ||
a.5-bis-decaying-indicators-light-version | ||
a.5-decaying-indicators | ||
a.6-forensic | ||
a.7-rest-API | ||
a.8-dev-hands-on | ||
a.9-restsearch-dev | ||
a.10-galaxy-2.0 | ||
a.11-misp-data-model | ||
a.12-misp-workflows | ||
a.12-misp-workflows-short | ||
a.13-misp-stix | ||
a.a-widget-dev | ||
a.b-cli | ||
a.c-deployment | ||
a.d-community-and-cerebrate | ||
a.z-misp-and-isacs | ||
a.zz-misp-and-isacs | ||
attack-2020 | ||
b.1-best-practices-in-threat-intelligence | ||
b.2-turning-data-into-actionable-intelligence | ||
b.4-turning-data-into-actionable-intelligence-short | ||
b.5-turning-data-into-actionable-intelligence-training | ||
b.5-turning-data-into-actionable-training | ||
b.6-automation | ||
cheatsheets | ||
complementary | ||
events | ||
exercises | ||
includes | ||
mii.0-security | ||
output | ||
ransomware-exercice | ||
themes | ||
training-support | ||
x.1-belgomisp | ||
x.2-melicertes | ||
x.3-into-short | ||
x.4-cansecwest | ||
x.4-sharing-going-wild | ||
x.5-covid | ||
x.6-how-information-sharing-is-saving-us | ||
x.6-isac-intro | ||
x.8-first-cti-virtual | ||
x.9-covid | ||
x.9-eu-attack-community | ||
x.10-pisax.org | ||
x.11-gsma | ||
x.12-covid-recap | ||
x.13-interpol | ||
x.14-covid-first | ||
x.15-subtitles | ||
x.16-misp-military-use-cases | ||
x.17-eu-attack-community | ||
InterNews.tar.gz | ||
README.md | ||
build.sh | ||
misp-training.pdf | ||
sunet.tar.gz | ||
table.md | ||
table2.md |
README.md
MISP Training Materials
This repository includes all the training materials in use such as
- Core MISP (software and standard) trainings
- Threat intelligence and OSINT training
- Building information sharing communities workshop
All the materials are available with the complete LaTeX source code meant to assist in contributing or extending the training materials. A special attention is given to the open source licensing given to the materials. We welcome contributions in order to improve the training set for threat intelligence, intelligence gathering and analysis along with specific aspects of information sharing/exchange in information and national security.
Materials
Complementary materials
Slides (PDF) | Source Code |
---|---|
complete slide desk in one PDF | source |
MISP training cheat-sheet | source |
MISP feature list (for the trainers) | source |
Additional documentation
- MISP Book - PDF ePub Kindle mobi HTML
- Best Practices in Threat Intelligence PDF HTML
- MISP Galaxy (HTML) - PDF
- MISP Galaxy dedicated website
- MISP Taxonomies (HTML) - PDF
- MISP Objects template (HTML) - PDF
- Guidelines to setting up an information sharing community such as an ISAC or ISAO - PDF
- Official MISP Install Guides
MISP Training videos
Sample videos which can be used to understand how the training materials are used in companion with a live MISP demo instance.
- MISP Workflow - 16th December 2022
- MISP Best Practices for encoding threat intelligence (3 hours - online) - 15th December 2022
- MISP Training Administration and Deployment of MISP software - 14th September 2022
- MISP Training Threat Intelligence Introduction for Analysts and Security Professional - 13th September 2022
- Fundamentals MISP given FIRSTdotOrg 2021 Virtual Symposium African and Arab regions - 18th December 2021
- MISP General Usage Training - Part 1 of 2
- MISP General Usage Training - Part 2 of 2
- MISP Training Usage - Training given the 2nd March 2021 - 2h50 min
- MISP Training Administration and Building Communities- Training given the 3rd March 2021 - 2h56min
- MISP Training Module 1 - An Introduction to Cybersecurity Information Sharing
- MISP Training Module 2 - General usage of MISP
- MISP covid-19 sharing community - introduction
Passive DNS and MISP - Training videos
- Farsight Passive DNS and MISP - Part I
- Farsight Passive DNS and MISP - Part II
- Farsight Passive DNS and MISP - Part III
MISP Training support videos
Those are videos to support MISP trainings or demonstrations at large:
MISP Training VMs
Pre-built MISP training VMs are available at https://vm.misp-project.org/.
Source Code
The full source code of the training slide decks are available. You'll need to have an operating system with a recent installation of LaTeX including latex-beamer to work with them.
To build the complete set of training materials:
bash build.sh
The output directory will contain all the generated PDF files and the PDF file called misp-training.pdf
which is the complete handout of all the slides.
Note: In case the rendering is somewhat broken, it might be related to latex using the styles installed systemwide in /usr/share/texlive/texmf-dist/tex/latex/beamertheme-focus
. Removing this directory will solve the problem.
Dependencies
XeLaTex, can be parametered in .tex header (works in TeXshop):
% !TEX TS-program = xelatex
% !TEX encoding = UTF-8 Unicode
License, Attribution and Funding
All the materials are dual-licensed under GNU Affero General Public License version 3 or later and the Creative Commons Attribution-ShareAlike 4.0 International. You can use either one of the licenses depending of your use case of the training materials.
The MISP project training materials are co-financed and supported by CIRCL Computer Incident Response Center Luxembourg and co-financed by a CEF (Connecting Europe Facility) funding under CEF-TC-2016-3 - Cyber Security as Improving MISP as building blocks for next-generation information sharing.
All the source code is available at https://www.github.com/MISP/misp-training.
If you reuse the training materials, don't forget to include the above for attribution.