misp-website/content/blog/Video_MISP_Workflow.md

---
title: Training Video - MISP Workflow
date: 2022-12-15
layout: post
banner: /img/blog/workflow.png
---

# MISP Training Video December Edition - Workflow 

{{< youtube OyLE2g4zii0 >}}

MISP has been a widely used open source CTI platform for the past decade, with a long list of tools that allow users to customise the data models and contextualisation of the platform, yet true customisation of the actual workflows and processes had to be done externally using custom scripts.

With the introduction of MISP workflows, this has changed and the workshop aims to walk the audience through some of the potential ideas of how one could adapt the tool to their own CSIRT’s or SOC’s workflows by using some useful examples during the session.

## Content of Training Session

- [MISP Workflow introduction](https://www.misp-project.org/misp-training/misp-worflows-first-cti.pdf)
- [MISP Workflow Blueprints](https://github.com/MISP/misp-workflow-blueprints)

## Resources

### Cheatsheets

- [Cheatsheet: Concepts & Data model](https://www.misp-project.org/misp-training/cheatsheet.pdf)
- [Synchronisation logic](https://github.com/MISP/MISP/tree/2.4/docs/generic/Synchronisation)
- [Authentication logic](https://github.com/MISP/MISP/blob/2.4/docs/generic/Authentication%20Diagram/MISP%20Authentication%20Diagram.pdf)
- For your lawyers or if you yourself are interested in the legal docs: [MISP legal compliance (such as GDPR and alike)](https://www.misp-project.org/compliance/)

### Training materials

- Virtual machines (VirtualBox and VMWare format): [https://vm.misp-project.org/](https://vm.misp-project.org)
- All Slide Decks (source file and compiled): [https://github.com/MISP/misp-training](https://github.com/MISP/misp-training)
- PyMISP: [https://github.com/MISP/PyMISP/](https://github.com/MISP/PyMISP/)
- OpenAPI documentation: [https://www.misp-project.org/documentation/openapi.html](https://www.misp-project.org/documentation/openapi.html)
- [misp-stix](https://github.com/MISP/misp-stix/) a generic library for MISP standard format to STIX (1.1, 1.2, 2.0 and 2.1): [documentation](https://github.com/MISP/misp-stix/tree/main/documentation)


### Other ressources

- [MISP Mastodon](https://misp-community.org/@misp) - @misp@misp-community.org
- [MISP Twitter](https://twitter.com/MISPProject) - Follow to get latest news
- [Gitter MISP Support chat](https://gitter.im/MISP/Support)
- [Benefits of running your own MISP instance](https://www.misp-project.org/2019/09/25/hostev-vs-own-misp.html/)

### Acknowledgement

A huge thanks to all the participants for their active participation. The training is also part of the MeliCERTes project.

![](https://www.cerebrate-project.org/assets/images/logo/melicertes.png)
-												new: [blog] MISP workflow

											
										
										
											2022-12-15 17:29:28 +01:00
+								---
 								title: Training Video - MISP Workflow
 								date: 2022-12-15
 								layout: post
 								banner: /img/blog/workflow.png
 								---
 								# MISP Training Video December Edition - Workflow
 								{{< youtube OyLE2g4zii0 >}}
 								MISP has been a widely used open source CTI platform for the past decade, with a long list of tools that allow users to customise the data models and contextualisation of the platform, yet true customisation of the actual workflows and processes had to be done externally using custom scripts.
 								With the introduction of MISP workflows, this has changed and the workshop aims to walk the audience through some of the potential ideas of how one could adapt the tool to their own CSIRT’s or SOC’s workflows by using some useful examples during the session.
 								## Content of Training Session
 								- [MISP Workflow introduction](https://www.misp-project.org/misp-training/misp-worflows-first-cti.pdf)
 								- [MISP Workflow Blueprints](https://github.com/MISP/misp-workflow-blueprints)
 								## Resources
 								### Cheatsheets
 								- [Cheatsheet: Concepts & Data model](https://www.misp-project.org/misp-training/cheatsheet.pdf)
 								- [Synchronisation logic](https://github.com/MISP/MISP/tree/2.4/docs/generic/Synchronisation)
 								- [Authentication logic](https://github.com/MISP/MISP/blob/2.4/docs/generic/Authentication%20Diagram/MISP%20Authentication%20Diagram.pdf)
-												minor fixes
											
										
										
											2022-12-15 17:56:18 +01:00
+								- For your lawyers or if you yourself are interested in the legal docs: [MISP legal compliance (such as GDPR and alike)](https://www.misp-project.org/compliance/)
-												new: [blog] MISP workflow

											
										
										
											2022-12-15 17:29:28 +01:00
 								### Training materials
 								- Virtual machines (VirtualBox and VMWare format): [https://vm.misp-project.org/](https://vm.misp-project.org)
-												minor fixes
											
										
										
											2022-12-15 17:56:18 +01:00
+								- All Slide Decks (source file and compiled): [https://github.com/MISP/misp-training](https://github.com/MISP/misp-training)
-												new: [blog] MISP workflow

											
										
										
											2022-12-15 17:29:28 +01:00
+								- PyMISP: [https://github.com/MISP/PyMISP/](https://github.com/MISP/PyMISP/)
 								- OpenAPI documentation: [https://www.misp-project.org/documentation/openapi.html](https://www.misp-project.org/documentation/openapi.html)
 								- [misp-stix](https://github.com/MISP/misp-stix/) a generic library for MISP standard format to STIX (1.1, 1.2, 2.0 and 2.1): [documentation](https://github.com/MISP/misp-stix/tree/main/documentation)
 								### Other ressources
 								- [MISP Mastodon](https://misp-community.org/@misp) - @misp@misp-community.org
 								- [MISP Twitter](https://twitter.com/MISPProject) - Follow to get latest news
 								- [Gitter MISP Support chat](https://gitter.im/MISP/Support)
 								- [Benefits of running your own MISP instance](https://www.misp-project.org/2019/09/25/hostev-vs-own-misp.html/)
 								### Acknowledgement
 								A huge thanks to all the participants for their active participation. The training is also part of the MeliCERTes project.
 								![](https://www.cerebrate-project.org/assets/images/logo/melicertes.png)