new: [2023] slide decks added
|
@ -0,0 +1,32 @@
|
|||
The following topics will be covered along with their implementation in Cerebrate:
|
||||
|
||||
- Attendees will learn about a new open source platform solving several, often frustrating issues
|
||||
- Loads of communities
|
||||
- Loads of UUIDs to manually process
|
||||
- Loads of points of contacts
|
||||
- Loads of Sharing Group issues / Inconsistencies
|
||||
- An organisation registry for sharing communities utilising open source tools such as MISP
|
||||
- Solution: Simplicity, light and open-source
|
||||
- Technology used: PHP, cakephp4, BS5, ...
|
||||
- Main purpose: Contact DB
|
||||
- Flexible system to store additional information: Meta-template as KV-store
|
||||
- How to manage and serve trust information, including organisational information, cryptographic signing keys, mailing lists to a community
|
||||
- Web interface and API to ease interaction
|
||||
- Open directory
|
||||
- Cerebrate information sharing and remote-trust (- Cerebrate-to-Cerebrate connection)
|
||||
- Practical examples:
|
||||
- Sharing group: Share an incident with your constituency
|
||||
- Cryptographic keys repository: MISP protected event Example
|
||||
- A tool that help managing local tools
|
||||
- Local tools: Design and Connectors
|
||||
- Example: MISP Fleet management
|
||||
- Open dialogues to community members to request tool to tool interconnections
|
||||
- Exposed local tools
|
||||
- SYN, SYN/ACK, ACK ( People chatting)
|
||||
- Local tool inter-connection via synchronisation configuration profiles
|
||||
- Examepl: MISP Inter-connection
|
||||
- Roadmap
|
||||
- Integration with other tools
|
||||
- Ticketing systems
|
||||
- Mailing list (Mailman)
|
||||
- Messaging App (mattermost)
|
|
@ -0,0 +1,246 @@
|
|||
% DO NOT COMPILE THIS FILE DIRECTLY!
|
||||
% This is included by the other .tex files.
|
||||
|
||||
\begin{frame}[t,plain]
|
||||
\titlepage
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{The aim of this presentation}
|
||||
\begin{itemize}
|
||||
\item Cerebrate
|
||||
\begin{itemize}
|
||||
\item What has happened since the last MUG
|
||||
\item Give you a brief update over the highlights
|
||||
\item Ongoing work
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Statistics}
|
||||
\begin{itemize}
|
||||
\item Since the last MUG we've had:
|
||||
\begin{itemize}
|
||||
\item {\bf 4} releases
|
||||
\item {\bf 83} commits
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{CNW Pilot}
|
||||
\begin{itemize}
|
||||
\item Collaboration with ENISA and CNW community
|
||||
\begin{itemize}
|
||||
\item Bug fixes
|
||||
\item Usability rework
|
||||
\item Additional supporting tools
|
||||
\item New feature requests
|
||||
\item Security fixes
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\section{Give you a brief update over the highlights}
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Enumerations}
|
||||
\begin{itemize}
|
||||
\item Create lists of enumerations for selector fields
|
||||
\item Unified way of expressing countries, types of organisations
|
||||
\item Created ad-hoc per instance
|
||||
\end{itemize}
|
||||
\begin{center}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/enumeration.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Organisation group management}
|
||||
\begin{itemize}
|
||||
\item Create {\bf sub-groups} in the community
|
||||
\item For example national groups, with appointed administration
|
||||
\item Improve {\bf life-cycle management of user accounts}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Organisation group management}
|
||||
\begin{center}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/OrgGroup.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{MISP management}
|
||||
\begin{itemize}
|
||||
\item Be able to manage {\bf Cerebrate interconnections}...
|
||||
\item ...and {\bf MISP instances}
|
||||
\item Visual overview, simple access
|
||||
\item Debugging and diagnostics
|
||||
\item Data management
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Topology}
|
||||
\begin{center}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/orchestration1.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{MISP management}
|
||||
\begin{itemize}
|
||||
\item Built using {\bf mermaid.js}
|
||||
\item Can export itself as mermaid markdown
|
||||
\item Easy to use for documentation
|
||||
\item {\bf Diagnostics} relies on connector module implementation
|
||||
\item Quick {\bf pivots} to all tool and connected cerebrate functinalities
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{MISP connector updates}
|
||||
\begin{itemize}
|
||||
\item New features to better negotiate information exchange
|
||||
\item View / compare {\bf state} of data repositories
|
||||
\item Multi-select {\bf bulk ingest}
|
||||
\item Rule based {\bf bulk push}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Connector interface}
|
||||
\begin{center}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/orchestration2.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Push rules}
|
||||
\begin{center}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/orchestration3.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Quality of life improvements}
|
||||
\begin{itemize}
|
||||
\item Meta-template {\bf version migrations} rework
|
||||
\begin{itemize}
|
||||
\item Various supported strategies (update, delete)
|
||||
\end{itemize}
|
||||
\item New community management settings
|
||||
\item {\bf CLI tools} for enrollment
|
||||
\item UI rework to streamline user interactions
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Quality of life improvements}
|
||||
\begin{itemize}
|
||||
\item {\bf Download filtered results}
|
||||
\item Export as {\bf CSV}
|
||||
\item Includes all custom meta-fields
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Quality of life improvements}
|
||||
\begin{itemize}
|
||||
\item {\bf Search and filter based on custom fields}
|
||||
\item Define rules on what to display in terms of custom fields by default
|
||||
\item Search on related data
|
||||
\item Modify and {\bf extend roles} with metafields
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Sharing group rework}
|
||||
\begin{itemize}
|
||||
\item Match what MISP does
|
||||
\item Sharing group extenders
|
||||
\item {\bf Sync sharing groups to/from MISP}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Cake-fuzzer}
|
||||
\begin{itemize}
|
||||
\item Developped by {\bf Zigrin security}, run by NCIA alumn {\bf Dawid Czarnecki}
|
||||
\item Funded by the {\bf Luxembourg Armed Forces}
|
||||
\item Full blown {\bf fuzzing framework targeting MISP and Cerebrate}
|
||||
\item Long list of {\bf high severity CVEs} discovered
|
||||
\item Constant development, open source
|
||||
\item Will become part of our release CI pipeline
|
||||
\item \url{https://github.com/Zigrin-Security/CakeFuzzer}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
||||
|
||||
\section{What we're working on}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Issues we're trying to solve as of late for ourselves}
|
||||
\begin{itemize}
|
||||
\item {\bf Contact management} across large interconnected networks
|
||||
\item {\bf Constituency} information
|
||||
\begin{itemize}
|
||||
\item Geographic \& sectorial
|
||||
\item But also technical: CIDR blocks \& AS Numbers
|
||||
\end{itemize}
|
||||
\item Managing our MISP fleets for various use-cases
|
||||
\item {\bf Distribution list} management
|
||||
\item MISP cryptographic signing {\bf PKI} management
|
||||
\begin{itemize}
|
||||
\item MISP's protected event feature
|
||||
\item Future: Protected Sharing groups?
|
||||
\end{itemize}
|
||||
\item Creating data buckets in MISP for better retrieval
|
||||
\item Sub-group self management
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{A bit about our internal topology}
|
||||
\begin{center}
|
||||
\includegraphics[width=1\linewidth]{pictures/our_topology.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Deployment}
|
||||
\begin{itemize}
|
||||
\item \textbf{Deploying} the topology above
|
||||
\item Standing up a {\bf NATO community Cerebrate} instance
|
||||
\begin{itemize}
|
||||
\item Details to be finalised, hosted at CIRCL
|
||||
\item Based on previous discussions at MUG and steering board
|
||||
\end{itemize}
|
||||
\item \textbf{Deploying} an Open lookup Cerebrate
|
||||
\item Supporting the finalisation of the CNW deployment
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Development}
|
||||
\begin{itemize}
|
||||
\item Further MISP integrations
|
||||
\item Integration with other tools
|
||||
\item Community centric PKI
|
||||
\begin{itemize}
|
||||
\item Protected mode support
|
||||
\item General data signing support for MISP
|
||||
\end{itemize}
|
||||
\item Mailing group management
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
|
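Review bot: The frame "A bit about our internal topology" ships `pictures/our_topology.png` with the deck, and the image itself is not reviewable from this diff; before merging, please confirm it carries no hostnames, addresses or member-organisation names that are not meant for publication. The same frame is in the second slide-content file added by this commit, which also embeds `pictures/misppriv-user-org-stats.png` under a title that names the instance, so the check applies there too. Three typos will be visible on the slides: `Developped` and `alumn` in the Cake-fuzzer frame and `functinalities` in the second MISP management frame, which should read `Developed`, `alumnus` and `functionalities`. Emphasis is written with the obsolete `{\bf ...}` almost everywhere, here and in the second slide-content file, but with `\textbf{...}` in the Deployment frame; `\textbf{...}` throughout would be consistent.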
|
@ -0,0 +1,52 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!-- Generator: Adobe Illustrator 24.2.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||
<svg version="1.1" id="Camada_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
|
||||
viewBox="0 0 432.9 56.7" style="enable-background:new 0 0 432.9 56.7;" xml:space="preserve">
|
||||
<style type="text/css">
|
||||
.st0{fill:#FF8000;}
|
||||
.st1{fill-rule:evenodd;clip-rule:evenodd;fill:#FF8000;}
|
||||
.st2{fill-rule:evenodd;clip-rule:evenodd;fill:#FFFFFF;}
|
||||
.st3{fill:#FFFFFF;stroke:#FFFFFF;stroke-width:0.2191;stroke-miterlimit:10;}
|
||||
</style>
|
||||
<g>
|
||||
<path class="st0" d="M356.1,19.4c1.7-11,10.4-19,21.5-19c10.4,0,16.1,7.9,14.5,18c-1.6,10.3-10.2,19-18.3,25.5l0.1,0.1
|
||||
c2.5-0.1,5.1-0.5,7.6-0.5h6.1l-2,12.7h-37.8l17.5-19.3c4.9-5.5,11.5-12.4,12.6-19.4c0.4-2.1-0.1-4.9-2.6-4.9
|
||||
c-3.2,0-4.3,4.4-4.7,6.7l-0.3,2h-14.3L356.1,19.4z"/>
|
||||
<path class="st0" d="M396.7,19.4c1.7-11,10.4-19,21.5-19c10.4,0,16.1,7.9,14.5,18c-1.6,10.3-10.2,19-18.3,25.5l0.1,0.1
|
||||
c2.5-0.1,5.1-0.5,7.6-0.5h6.1l-2,12.7h-37.8l17.5-19.3c4.9-5.5,11.5-12.4,12.6-19.4c0.4-2.1-0.1-4.9-2.6-4.9
|
||||
c-3.2,0-4.3,4.4-4.7,6.7l-0.3,2h-14.3L396.7,19.4z"/>
|
||||
<g>
|
||||
<path class="st0" d="M37.8,39.9h-8.4L24,56.7h-7.2l5.3-16.8h-7L9.7,56.7H2.2l5.4-16.8H0l1.5-8.6h9l2.4-7.2H5.1l1.5-8.6h9L20.6,0
|
||||
h7.2l-5,15.5h7.1l5-15.5h7.5l-5.1,15.5h6.9l-1.5,8.6h-8.2l-2.2,7.2h7L37.8,39.9z M20.1,24.1l-2.2,7.2H25l2.2-7.2H20.1z"/>
|
||||
</g>
|
||||
<g>
|
||||
<g>
|
||||
<polygon class="st1" points="104.8,0.5 103,11.6 87.6,11.6 89.4,0.5 "/>
|
||||
<polygon class="st2" points="86.5,22.2 81.2,55.6 96.2,55.6 101.4,22.2 "/>
|
||||
<path class="st2" d="M154.7,22.2c0.2,1.9,0.7,3.4,1.6,4.9c1.5,2.6,3.7,4.8,6.3,7c0.8,0.7,1.6,1.3,2.1,2.1
|
||||
c0.6,0.8,0.9,1.8,0.7,3.1c-0.4,2.4-2.9,3.7-5,3.7c-3.8,0-6.9-3.1-8.5-6.1l-2.7,17.2c3.3,1.5,7,2.3,10.8,2.3
|
||||
c10.4,0,18.8-8.2,20.5-18.4c0.7-4.2,0.2-7.1-1.2-9.6c-1.2-2.3-3.1-4.1-5.6-6.2H154.7z"/>
|
||||
<polygon class="st2" points="186.8,55.6 201.8,55.6 207,22.2 192.2,22.2 "/>
|
||||
<path class="st2" d="M174.4,0.5c-9.3,0-14.9,5.2-17.7,11.1h60.7l1.8-11.1C219.1,0.5,177.8,0.5,174.4,0.5z"/>
|
||||
<path class="st2" d="M147.6,11.7C146.2,3,138.5,0.5,128,0.5h-14.4l-1.8,11.1L147.6,11.7z"/>
|
||||
<path class="st2" d="M146.7,22.2h-15.1h-6.4h-15L105,55.6h14.9l2.4-14.8c0.4-2.7,0.7-5.4,1.1-8.1l0.2-0.1l4.6,23h16.1l-7.4-23
|
||||
C141.9,30.7,145.1,26.8,146.7,22.2z"/>
|
||||
<g>
|
||||
<polygon class="st2" points="79.7,11.6 81.6,0.5 55.2,0.5 47,55.6 60.9,55.6 62.1,55.6 65.4,34.5 75.5,34.5 77.3,22.2
|
||||
67.4,22.2 69,11.6 "/>
|
||||
</g>
|
||||
</g>
|
||||
<g>
|
||||
<path class="st3" d="M251.9,11.5c-0.9-0.6-3-1.3-5.4-1.3c-3.8,0-6.9,2-9.3,5c-4.1,5.2-6.7,14.2-6.7,20.9c0,6.4,2.3,10.5,7.7,10.5
|
||||
c2.8,0,5.5-0.9,6.9-1.6l1.1,8.4c-2.6,1.8-7,3.1-11.9,3.1c-11.6,0-16.9-8.7-16.9-19.6c0-10.3,4.3-22.6,11.9-29.5
|
||||
c4.2-3.9,9.7-6.3,15.9-6.3c4.8,0,8.9,1.3,11,3.1L251.9,11.5z"/>
|
||||
<path class="st3" d="M289.5,46.8c-4.4,5.9-10.6,9.7-19.1,9.7c-11.4,0-16.8-7.7-16.8-18.9c0-8.8,3.3-19.8,8.4-26.7
|
||||
c4.5-5.9,10.8-9.8,19-9.8c11.8,0,16.6,7.9,16.6,18.5C297.7,28.3,294.6,39.8,289.5,46.8z M280,9.5c-3.9,0-6.6,3.4-8.8,8.1
|
||||
c-2.5,5.2-5.2,15.8-5.2,21.8c0,4.5,1.4,7.7,5.6,7.7c4,0,6.7-3.4,8.8-8.2c2.4-5.5,4.9-15.9,4.9-21.7C285.4,12.8,284.1,9.5,280,9.5
|
||||
z"/>
|
||||
<path class="st3" d="M339.9,55.7h-9.3l-11.7-30.2c-1.1-2.8-1.8-5.6-1.8-5.6h-0.2c0,0-0.3,2.9-0.9,5.9l-6.2,29.9h-10.6l11.1-53.8
|
||||
h10.8l10.9,27.5c1.1,2.7,1.8,5.2,1.8,5.2h0.2c0,0,0.2-2.6,0.9-5.4l5.6-27.4H351L339.9,55.7z"/>
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
|
@ -0,0 +1,22 @@
|
|||
\documentclass{beamer}
|
||||
\usetheme[numbering=progressbar]{focus}
|
||||
\definecolor{main}{RGB}{83, 31, 117}
|
||||
\definecolor{textcolor}{RGB}{0, 0, 0}
|
||||
%\definecolor{background}{RGB}{215, 212, 227}
|
||||
|
||||
\usepackage[utf8]{inputenc}
|
||||
\usepackage{tikz}
|
||||
\usepackage{listings}
|
||||
\usetikzlibrary{positioning}
|
||||
\usetikzlibrary{shapes,arrows}
|
||||
|
||||
\author{Team CIRCL}
|
||||
\title{Cerebrate update}
|
||||
\institute{Cerebrate Project}
|
||||
\titlegraphic{\includegraphics[scale=0.15]{pictures/logo.png}}
|
||||
\date{NATO MUG 2023-11-14}
|
||||
|
||||
\begin{document}
|
||||
\include{content}
|
||||
\end{document}
|
||||
|
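Review bot: `\include{content}` pulls in a file that holds only frames; `\include` wraps the file in `\clearpage` and gives it its own `.aux` file, which is meant for chapter-sized units, so `\input{content}` is the better fit here. `\usepackage[utf8]{inputenc}` is redundant on current LaTeX kernels, where UTF-8 input is the default, and can be dropped unless older installations have to be supported.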
|
@ -0,0 +1,32 @@
|
|||
The following topics will be covered along with their implementation in Cerebrate:
|
||||
|
||||
- Attendees will learn about a new open source platform solving several, often frustrating issues
|
||||
- Loads of communities
|
||||
- Loads of UUIDs to manually process
|
||||
- Loads of points of contacts
|
||||
- Loads of Sharing Group issues / Inconsistencies
|
||||
- An organisation registry for sharing communities utilising open source tools such as MISP
|
||||
- Solution: Simplicity, light and open-source
|
||||
- Technology used: PHP, cakephp4, BS5, ...
|
||||
- Main purpose: Contact DB
|
||||
- Flexible system to store additional information: Meta-template as KV-store
|
||||
- How to manage and serve trust information, including organisational information, cryptographic signing keys, mailing lists to a community
|
||||
- Web interface and API to ease interaction
|
||||
- Open directory
|
||||
- Cerebrate information sharing and remote-trust (- Cerebrate-to-Cerebrate connection)
|
||||
- Practical examples:
|
||||
- Sharing group: Share an incident with your constituency
|
||||
- Cryptographic keys repository: MISP protected event Example
|
||||
- A tool that help managing local tools
|
||||
- Local tools: Design and Connectors
|
||||
- Example: MISP Fleet management
|
||||
- Open dialogues to community members to request tool to tool interconnections
|
||||
- Exposed local tools
|
||||
- SYN, SYN/ACK, ACK ( People chatting)
|
||||
- Local tool inter-connection via synchronisation configuration profiles
|
||||
- Examepl: MISP Inter-connection
|
||||
- Roadmap
|
||||
- Integration with other tools
|
||||
- Ticketing systems
|
||||
- Mailing list (Mailman)
|
||||
- Messaging App (mattermost)
|
|
@ -0,0 +1,245 @@
|
|||
% DO NOT COMPILE THIS FILE DIRECTLY!
|
||||
% This is included by the other .tex files.
|
||||
|
||||
\begin{frame}[t,plain]
|
||||
\titlepage
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{What is Cerebrate?}
|
||||
\begin{itemize}
|
||||
\item A new-ish OSS Community management and orchestration platform
|
||||
\item Takes care of:
|
||||
\begin{itemize}
|
||||
\item {\bf Contact library} management
|
||||
\item {\bf Constituency} lookup
|
||||
\item {\bf Interconnection} Orchestration
|
||||
\item {\bf Tool management and orchestration}
|
||||
\item {\bf Sharing group} distribution and management
|
||||
\item {\bf Cryptographic key} lookup
|
||||
\item Shared services {\bf access management}
|
||||
\end{itemize}
|
||||
\item Developed initially as part of:
|
||||
\end{itemize}
|
||||
\vspace{0.5em}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.55\linewidth]{pictures/melicertes.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Managing large communities is difficult}
|
||||
\begin{itemize}
|
||||
\item Our MISP communities started out small
|
||||
\item Most communities acted as islands
|
||||
\item Interconnecting communities came with its own problems
|
||||
\begin{itemize}
|
||||
\item {\bf Interconnection requests}
|
||||
\item {\bf Organisation management}
|
||||
\item {\bf Enrollment} process
|
||||
\end{itemize}
|
||||
\item Finding and communicating with the right parties is difficult
|
||||
\item Managing multiple MISP instances can be tedious
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{A bit about our internal topology}
|
||||
\begin{center}
|
||||
\includegraphics[width=1\linewidth]{pictures/our_topology.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Some stats about one of our MISP instance: MISPPriv}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.6\linewidth]{pictures/misppriv-user-org-stats.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Issues we're trying to solve}
|
||||
\begin{itemize}
|
||||
\item {\bf Contact management} across large interconnected networks
|
||||
\begin{itemize}
|
||||
\item ORG uuids, capabilities, individuals, etc
|
||||
\end{itemize}
|
||||
\item {\bf Constituency} information
|
||||
\begin{itemize}
|
||||
\item Geographic \& sectorial
|
||||
\item But also technical: CIDR blocks \& AS Numbers
|
||||
\end{itemize}
|
||||
\item Managing local tools, especially {\bf fleets of MISPs}
|
||||
\item Common access control management
|
||||
\item {\bf Distribution list} management
|
||||
\item MISP cryptographic signing {\bf PKI} management
|
||||
\begin{itemize}
|
||||
\item MISP's protected event feature
|
||||
\item Future: Protected Sharing groups?
|
||||
\end{itemize}
|
||||
\item Community centric {\bf data modelling}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Cerebrate's contact database}
|
||||
\begin{itemize}
|
||||
\item Contact database for the CSIRT network
|
||||
\begin{itemize}
|
||||
\item Common contact fields such as \texttt{UUID}, \texttt{name}, \texttt{contact email address}, \texttt{nationality}, \texttt{URL}, ...
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.8\linewidth]{pictures/contact-database-1.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Cerebrate's contact database: Meta-fields}
|
||||
\begin{itemize}
|
||||
\item Flexible system to store additional information: \texttt{meta-fields} (KV-store)
|
||||
\item These \texttt{meta-fields} are part of a larger structure called \texttt{meta-templates}
|
||||
\item Support of {\bf multiple templates} used by various entities out there
|
||||
\begin{itemize}
|
||||
\item FIRST Directory
|
||||
\item ENISA CSIRT inventory
|
||||
\item CSIRT Constituency (CIDR blocks, AS Numbers, ...)
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Cerebrate's contact database: Meta-fields}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.99\linewidth]{pictures/meta-fields-first.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Cerebrate's contact database}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.99\linewidth]{pictures/contact-database-2.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Managing local tools}
|
||||
\begin{itemize}
|
||||
\item Cerebrate exposes a modular system to {\bf manage these local tools}
|
||||
\item Based on a configuration file, user interfaces can be created to visualise data and instruct local tools to perform operations
|
||||
\end{itemize}
|
||||
\begin{center}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/github-local-tool.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Local tools: MISP Connector capabilities}
|
||||
\begin{itemize}
|
||||
\item \textbf{Configure} a MISP instances via server settings
|
||||
\item \textbf{Push and Pull} Organisations \& Sharing Groups
|
||||
\item \textbf{Diagnose} other connected MISP servers
|
||||
\item \textbf{Manage} users
|
||||
\item \textbf{Custom} actions are easy to integrated beyond the initial scope
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Local tool interconnection via Cerebrate}
|
||||
\begin{itemize}
|
||||
\item Cerebrate's main goal is to \textbf{ease community management}
|
||||
\item Select which local tools are meant to be exposed to the community for requests
|
||||
\item Open dialogues to community members to request tool-to-tool interconnections
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Local tool interconnection via Cerebrate}
|
||||
Cerebrate can leverage its access to local tool to reach out to tools from other Cerebrate nodes
|
||||
\begin{center}
|
||||
\includegraphics[width=0.85\linewidth]{pictures/tools-made-available.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Development update}
|
||||
\begin{itemize}
|
||||
\item 6 releases
|
||||
\item 388 commits
|
||||
\item Ongoing work on the community management aspect...
|
||||
\item ...as well as orchestration
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Development update}
|
||||
\begin{itemize}
|
||||
\item A long list of fixes and improvements
|
||||
\item Tight collaboration with {\bf ENISA and the CSIRT-network}
|
||||
\item Ongoing pilot programme at CNW
|
||||
\item Implementing new CSIRT-network use-cases
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Development update}
|
||||
\begin{itemize}
|
||||
\item Improved {\bf controls via customisable, IAM exposed permissions}
|
||||
\item Tooling for creating {\bf vocabularies for custom field pre-sets} (enumerations)
|
||||
\item Versioning and updates of existing data for new metafield library versions
|
||||
\item An additional layer of grouping and self-governance
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Upcoming fleet release}
|
||||
\begin{itemize}
|
||||
\item New graphical UI for managing local tools and sync connections
|
||||
\item Rework of sharing groups to be closer in-line with MISP
|
||||
\item Diagnostic tools for MISP instances, exposing common misconfigurations
|
||||
\begin{itemize}
|
||||
\item PHP settings
|
||||
\item Worker health and stuck queues
|
||||
\item Out of date warnings
|
||||
\item MySQL settings
|
||||
\end{itemize}
|
||||
\item Improvements to the local tool common tools library
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Fleet management}
|
||||
\begin{center}
|
||||
\includegraphics[width=1\linewidth]{pictures/topology.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Fleet management}
|
||||
\begin{center}
|
||||
\includegraphics[width=1\linewidth]{pictures/fleet2.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Current roadmap}
|
||||
\begin{itemize}
|
||||
\item Upcoming {\bf fleet management} release
|
||||
\item {\bf Sharing groups} rework
|
||||
\item Data {\bf signing / validation}
|
||||
\begin{itemize}
|
||||
\item Community centric PKI
|
||||
\item Enable data validation services for tools such as MISP
|
||||
\end{itemize}
|
||||
\item {\bf Integration with other tools}
|
||||
\begin{itemize}
|
||||
\item Ticketing systems
|
||||
\item Tighter Mailing list integration (Mailman)
|
||||
\item Messaging App (Mattermost)
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
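Review bot: Several slide texts have grammar slips that will show on screen: the frame title `Some stats about one of our MISP instance: MISPPriv` should read `instances`, `Configure a MISP instances` should be `Configure MISP instances`, `easy to integrated` should be `easy to integrate`, and `access to local tool` should be `access to local tools`. In the "Issues we're trying to solve" frame, `ORG uuids` would read more consistently as `Organisation UUIDs`, matching the `\texttt{UUID}` spelling used in the contact database frame.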
|
@ -0,0 +1,52 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!-- Generator: Adobe Illustrator 24.2.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||
<svg version="1.1" id="Camada_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
|
||||
viewBox="0 0 432.9 56.7" style="enable-background:new 0 0 432.9 56.7;" xml:space="preserve">
|
||||
<style type="text/css">
|
||||
.st0{fill:#FF8000;}
|
||||
.st1{fill-rule:evenodd;clip-rule:evenodd;fill:#FF8000;}
|
||||
.st2{fill-rule:evenodd;clip-rule:evenodd;fill:#FFFFFF;}
|
||||
.st3{fill:#FFFFFF;stroke:#FFFFFF;stroke-width:0.2191;stroke-miterlimit:10;}
|
||||
</style>
|
||||
<g>
|
||||
<path class="st0" d="M356.1,19.4c1.7-11,10.4-19,21.5-19c10.4,0,16.1,7.9,14.5,18c-1.6,10.3-10.2,19-18.3,25.5l0.1,0.1
|
||||
c2.5-0.1,5.1-0.5,7.6-0.5h6.1l-2,12.7h-37.8l17.5-19.3c4.9-5.5,11.5-12.4,12.6-19.4c0.4-2.1-0.1-4.9-2.6-4.9
|
||||
c-3.2,0-4.3,4.4-4.7,6.7l-0.3,2h-14.3L356.1,19.4z"/>
|
||||
<path class="st0" d="M396.7,19.4c1.7-11,10.4-19,21.5-19c10.4,0,16.1,7.9,14.5,18c-1.6,10.3-10.2,19-18.3,25.5l0.1,0.1
|
||||
c2.5-0.1,5.1-0.5,7.6-0.5h6.1l-2,12.7h-37.8l17.5-19.3c4.9-5.5,11.5-12.4,12.6-19.4c0.4-2.1-0.1-4.9-2.6-4.9
|
||||
c-3.2,0-4.3,4.4-4.7,6.7l-0.3,2h-14.3L396.7,19.4z"/>
|
||||
<g>
|
||||
<path class="st0" d="M37.8,39.9h-8.4L24,56.7h-7.2l5.3-16.8h-7L9.7,56.7H2.2l5.4-16.8H0l1.5-8.6h9l2.4-7.2H5.1l1.5-8.6h9L20.6,0
|
||||
h7.2l-5,15.5h7.1l5-15.5h7.5l-5.1,15.5h6.9l-1.5,8.6h-8.2l-2.2,7.2h7L37.8,39.9z M20.1,24.1l-2.2,7.2H25l2.2-7.2H20.1z"/>
|
||||
</g>
|
||||
<g>
|
||||
<g>
|
||||
<polygon class="st1" points="104.8,0.5 103,11.6 87.6,11.6 89.4,0.5 "/>
|
||||
<polygon class="st2" points="86.5,22.2 81.2,55.6 96.2,55.6 101.4,22.2 "/>
|
||||
<path class="st2" d="M154.7,22.2c0.2,1.9,0.7,3.4,1.6,4.9c1.5,2.6,3.7,4.8,6.3,7c0.8,0.7,1.6,1.3,2.1,2.1
|
||||
c0.6,0.8,0.9,1.8,0.7,3.1c-0.4,2.4-2.9,3.7-5,3.7c-3.8,0-6.9-3.1-8.5-6.1l-2.7,17.2c3.3,1.5,7,2.3,10.8,2.3
|
||||
c10.4,0,18.8-8.2,20.5-18.4c0.7-4.2,0.2-7.1-1.2-9.6c-1.2-2.3-3.1-4.1-5.6-6.2H154.7z"/>
|
||||
<polygon class="st2" points="186.8,55.6 201.8,55.6 207,22.2 192.2,22.2 "/>
|
||||
<path class="st2" d="M174.4,0.5c-9.3,0-14.9,5.2-17.7,11.1h60.7l1.8-11.1C219.1,0.5,177.8,0.5,174.4,0.5z"/>
|
||||
<path class="st2" d="M147.6,11.7C146.2,3,138.5,0.5,128,0.5h-14.4l-1.8,11.1L147.6,11.7z"/>
|
||||
<path class="st2" d="M146.7,22.2h-15.1h-6.4h-15L105,55.6h14.9l2.4-14.8c0.4-2.7,0.7-5.4,1.1-8.1l0.2-0.1l4.6,23h16.1l-7.4-23
|
||||
C141.9,30.7,145.1,26.8,146.7,22.2z"/>
|
||||
<g>
|
||||
<polygon class="st2" points="79.7,11.6 81.6,0.5 55.2,0.5 47,55.6 60.9,55.6 62.1,55.6 65.4,34.5 75.5,34.5 77.3,22.2
|
||||
67.4,22.2 69,11.6 "/>
|
||||
</g>
|
||||
</g>
|
||||
<g>
|
||||
<path class="st3" d="M251.9,11.5c-0.9-0.6-3-1.3-5.4-1.3c-3.8,0-6.9,2-9.3,5c-4.1,5.2-6.7,14.2-6.7,20.9c0,6.4,2.3,10.5,7.7,10.5
|
||||
c2.8,0,5.5-0.9,6.9-1.6l1.1,8.4c-2.6,1.8-7,3.1-11.9,3.1c-11.6,0-16.9-8.7-16.9-19.6c0-10.3,4.3-22.6,11.9-29.5
|
||||
c4.2-3.9,9.7-6.3,15.9-6.3c4.8,0,8.9,1.3,11,3.1L251.9,11.5z"/>
|
||||
<path class="st3" d="M289.5,46.8c-4.4,5.9-10.6,9.7-19.1,9.7c-11.4,0-16.8-7.7-16.8-18.9c0-8.8,3.3-19.8,8.4-26.7
|
||||
c4.5-5.9,10.8-9.8,19-9.8c11.8,0,16.6,7.9,16.6,18.5C297.7,28.3,294.6,39.8,289.5,46.8z M280,9.5c-3.9,0-6.6,3.4-8.8,8.1
|
||||
c-2.5,5.2-5.2,15.8-5.2,21.8c0,4.5,1.4,7.7,5.6,7.7c4,0,6.7-3.4,8.8-8.2c2.4-5.5,4.9-15.9,4.9-21.7C285.4,12.8,284.1,9.5,280,9.5
|
||||
z"/>
|
||||
<path class="st3" d="M339.9,55.7h-9.3l-11.7-30.2c-1.1-2.8-1.8-5.6-1.8-5.6h-0.2c0,0-0.3,2.9-0.9,5.9l-6.2,29.9h-10.6l11.1-53.8
|
||||
h10.8l10.9,27.5c1.1,2.7,1.8,5.2,1.8,5.2h0.2c0,0,0.2-2.6,0.9-5.4l5.6-27.4H351L339.9,55.7z"/>
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|