mirror of https://github.com/MISP/misp-training
162 lines
11 KiB
TeX
162 lines
11 KiB
TeX
\documentclass[nofootinbib, a4paper]{revtex4}
|
||
%\documentclass{memoir}
|
||
\renewcommand{\familydefault}{\sfdefault}
|
||
\usepackage[x11names,svgnames,dvipsnames]{xcolor}
|
||
\usepackage{progressbar}
|
||
\usepackage{lastpage}
|
||
\usepackage{pageslts}
|
||
\usepackage{booktabs}
|
||
\usepackage{scalerel,amssymb}
|
||
\usepackage[perpage]{footmisc}
|
||
\usepackage[most]{tcolorbox}
|
||
\usepackage[unicode=true,
|
||
bookmarks=true,bookmarksnumbered=false,bookmarksopen=false,
|
||
breaklinks=false,pdfborder={0.1 0.1 0.1},backref=false,colorlinks=false,linktoc=all]
|
||
{hyperref}
|
||
\hypersetup{pdftitle={Status report 2017},
|
||
pdfauthor={CIRCL}}
|
||
\renewcommand{\arraystretch}{1.2}
|
||
\makeatletter
|
||
%\renewcommand{\bf}{\textbf}
|
||
%\renewcommand{\it}{\textit}
|
||
\usepackage{fancyhdr}
|
||
\newcommand{\ourOrganizationName}{CIRCL - Computer Incident Response Center Luxembourg - TLP:GREEN}
|
||
\newcommand{\ourOrganizationNameTitle}{CIRCL - Computer Incident Response Center Luxembourg}
|
||
\newcommand{\ourAuthors}{Team CIRCL}
|
||
\newcommand{\ourOrganizationAddress}{(+352) 247 88444 - info@circl.lu – www.circl.lu}
|
||
|
||
\begin{document}
|
||
\section*{User}
|
||
\begin{center}
|
||
\begin{tabular}{@{}lll@{}}
|
||
\hline
|
||
Check & Description&Length \\
|
||
\hline
|
||
$\Box$ & {\bf Add events} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - via Standard UI & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3}\\
|
||
$\Box$ & - Distribution levels and publication & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Different timestamps \& publish\_timestamp & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
|
||
$\Box$ & {\bf Add attributes} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3}\\
|
||
$\Box$ & - Freetext & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Standard UI & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Template & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - ReST API & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - via EventGraph & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Object} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - add Object & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - add References & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - show via EventGraph & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf *-lists} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Warninglists: show warnings raised in steps above & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Noticelists: show warnings when adding data & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Import Regexp: avoid leaking private/personal data & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Correlations} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - show correlations that were added & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - pivot to events via correlations & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - show correlations graph & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - feeds \& servers correlation & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Tags and Galaxies} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Tag from Taxonomy & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - GalaxyCluster & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - ATT\&CK pattern \& Galaxy matrix & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Tag Collection & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Sighting} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - via UI \& API & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Delegation} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Proposal} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Delete (including soft versus hard delete) } & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Event blocklist when deleting & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Extending event} (how and when to use it) & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Exporting data} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - download from & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - download from via modules & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - .json routing & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - RestSearch & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Searching for data} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Attribute search & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Event index filter search & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Advanced features} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Event graph, Event timeline, Event report & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Decaying of IoC & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Galaxy 2.0 & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & {\bf Enrichments} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
$\Box$ & - Hover \& persistent & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1}\\
|
||
\hline
|
||
\end{tabular}
|
||
\end{center}
|
||
|
||
\newpage
|
||
\section*{Administrator (Community)}
|
||
\begin{center}
|
||
\begin{tabular}{@{}llll@{}}
|
||
\hline
|
||
Check & Description & Length &\\
|
||
\hline
|
||
$\Box$ & {\bf Organisations} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.5} & 10m\\
|
||
$\Box$ & - local and remote & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - administration: Creation and merge & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.4} & \\
|
||
$\Box$ & {\bf User} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3} & 5m\\
|
||
$\Box$ & - administration and contact via standard UI & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & \\
|
||
$\Box$ & - Pasword/Auth key reset & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Disabling (never remove) & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Roles and permissions} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & 3m\\
|
||
$\Box$ & - Constraints \& special sync-user & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Sharing group} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3} & 10m\\
|
||
$\Box$ & - administration via standard UI & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3} &\\
|
||
$\Box$ & {\bf Block listing} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & 3m\\
|
||
$\Box$ & - Events \& Organisations & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Synchronisation} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{1.0} & 35m\\
|
||
$\Box$ & - MISP to MISP (sync\_user, test \& preview, flow control) & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.8} & \\
|
||
$\Box$ & - Feeds to MISP (Options, overlap) & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.5} & \\
|
||
$\Box$ & - Pub-Sub & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & \\
|
||
$\Box$ & {\bf Collaboration settings} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - `proposal\_block\_attributes`, `sanitise\_attribute\_on\_delete`, `Sightings\_anonymise` & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Templates} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} &\\
|
||
$\Box$ & - administration via standard UI & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
|
||
\hline
|
||
\end{tabular}
|
||
\end{center}
|
||
|
||
|
||
|
||
\newpage
|
||
\section*{Administrator (Instance)}
|
||
\begin{center}
|
||
\begin{tabular}{@{}llll@{}}
|
||
\hline
|
||
Check & Description&Length\\
|
||
\hline
|
||
$\Box$ & {\bf Advanced Auth keys} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & 3m \\
|
||
$\Box$ & - Migration from old system & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Usage & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Server settings} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & 5m \\
|
||
$\Box$ & {\bf Maintenance} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.7} & 15m\\
|
||
$\Box$ & - Updating \& release process & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Submodules and populate DB & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Diagnostic & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3} & \\
|
||
$\Box$ & {\bf Jobs and Workers} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & 10m\\
|
||
$\Box$ & - Administration via standard UI & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & \\
|
||
$\Box$ & - Scheduled Tasks and CRON jobs & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf User settings \& User management} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3} & 5m\\
|
||
$\Box$ & - User settings & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & \\
|
||
$\Box$ & - User monitoring, self-management, auto-registration & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Logging \& auditing} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & 10m \\
|
||
$\Box$ & - Logs (and purge: event history) & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.2} & \\
|
||
$\Box$ & - Paranoid, IP \& Auth log, Sync audit & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & {\bf Troubleshooting} & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.3} & 5m \\
|
||
$\Box$ & - Clean cache \& DB Schema diagnostic & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Stuck workers & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Update in progress & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
$\Box$ & - Apache logs \& workers logs & \progressbar[filledcolor=ForestGreen, emptycolor=white]{0.1} & \\
|
||
\hline
|
||
\end{tabular}
|
||
\end{center}
|
||
|
||
|
||
|
||
\end{document}
|
||
|
||
|