diff --git a/2023-11-14-NATO-MUG/content.md b/2023-11-14-NATO-MUG/content.md
new file mode 100644
index 0000000..6cee4bf
--- /dev/null
+++ b/2023-11-14-NATO-MUG/content.md
@@ -0,0 +1,32 @@
+The following topics will be covered along with their implementation in Cerebrate:
+
+- Attendees will learn about a new open source platform solving several, often frustrating issues
+ - Loads of communities
+ - Loads of UUIDs to manually process
+ - Loads of points of contacts
+ - Loads of Sharing Group issues / Inconsistencies
+- An organisation registry for sharing communities utilising open source tools such as MISP
+ - Solution: Simplicity, light and open-source
+ - Technology used: PHP, cakephp4, BS5, ...
+ - Main purpose: Contact DB
+ - Flexible system to store additional information: Meta-template as KV-store
+- How to manage and serve trust information, including organisational information, cryptographic signing keys, mailing lists to a community
+ - Web interface and API to ease interaction
+ - Open directory
+ - Cerebrate information sharing and remote-trust (- Cerebrate-to-Cerebrate connection)
+ - Practical examples:
+ - Sharing group: Share an incident with your constituency
+ - Cryptographic keys repository: MISP protected event Example
+- A tool that help managing local tools
+ - Local tools: Design and Connectors
+ - Example: MISP Fleet management
+- Open dialogues to community members to request tool to tool interconnections
+ - Exposed local tools
+ - SYN, SYN/ACK, ACK ( People chatting)
+ - Local tool inter-connection via synchronisation configuration profiles
+ - Examepl: MISP Inter-connection
+- Roadmap
+ - Integration with other tools
+ - Ticketing systems
+ - Mailing list (Mailman)
+ - Messaging App (mattermost)
\ No newline at end of file
diff --git a/2023-11-14-NATO-MUG/content.tex b/2023-11-14-NATO-MUG/content.tex
new file mode 100644
index 0000000..e764806
--- /dev/null
+++ b/2023-11-14-NATO-MUG/content.tex
@@ -0,0 +1,246 @@
+% DO NOT COMPILE THIS FILE DIRECTLY!
+% This is included by the other .tex files.
+
+\begin{frame}[t,plain]
+\titlepage
+\end{frame}
+
+\begin{frame}
+ \frametitle{The aim of this presentation}
+ \begin{itemize}
+ \item Cerebrate
+ \begin{itemize}
+ \item What has happened since the last MUG
+ \item Give you a brief update over the highlights
+ \item Ongoing work
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Statistics}
+ \begin{itemize}
+ \item Since the last MUG we've had:
+ \begin{itemize}
+ \item {\bf 4} releases
+ \item {\bf 83} commits
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{CNW Pilot}
+ \begin{itemize}
+ \item Collaboration with ENISA and CNW community
+ \begin{itemize}
+ \item Bug fixes
+ \item Usability rework
+ \item Additional supporting tools
+ \item New feature requests
+ \item Security fixes
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\section{Give you a brief update over the highlights}
+
+
+\begin{frame}
+\frametitle{Enumerations}
+ \begin{itemize}
+ \item Create lists of enumerations for selector fields
+ \item Unified way of expressing countries, types of organisations
+ \item Created ad-hoc per instance
+ \end{itemize}
+ \begin{center}
+ \includegraphics[width=1.0\linewidth]{pictures/enumeration.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Organisation group management}
+ \begin{itemize}
+ \item Create {\bf sub-groups} in the community
+ \item For example national groups, with appointed administration
+ \item Improve {\bf life-cycle management of user accounts}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Organisation group management}
+ \begin{center}
+ \includegraphics[width=1.0\linewidth]{pictures/OrgGroup.png}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{MISP management}
+ \begin{itemize}
+ \item Be able to manage {\bf Cerebrate interconnections}...
+ \item ...and {\bf MISP instances}
+ \item Visual overview, simple access
+ \item Debugging and diagnostics
+ \item Data management
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Topology}
+ \begin{center}
+ \includegraphics[width=1.0\linewidth]{pictures/orchestration1.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{MISP management}
+ \begin{itemize}
+ \item Built using {\bf mermaid.js}
+ \item Can export itself as mermaid markdown
+ \item Easy to use for documentation
+ \item {\bf Diagnostics} relies on connector module implementation
+ \item Quick {\bf pivots} to all tool and connected cerebrate functinalities
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{MISP connector updates}
+ \begin{itemize}
+ \item New features to better negotiate information exchange
+ \item View / compare {\bf state} of data repositories
+ \item Multi-select {\bf bulk ingest}
+ \item Rule based {\bf bulk push}
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Connector interface}
+ \begin{center}
+ \includegraphics[width=1.0\linewidth]{pictures/orchestration2.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Push rules}
+ \begin{center}
+ \includegraphics[width=1.0\linewidth]{pictures/orchestration3.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Quality of life improvements}
+ \begin{itemize}
+ \item Meta-template {\bf version migrations} rework
+ \begin{itemize}
+ \item Various supported strategies (update, delete)
+ \end{itemize}
+ \item New community management settings
+ \item {\bf CLI tools} for enrollment
+ \item UI rework to streamline user interactions
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Quality of life improvements}
+ \begin{itemize}
+ \item {\bf Download filtered results}
+ \item Export as {\bf CSV}
+ \item Includes all custom meta-fields
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Quality of life improvements}
+ \begin{itemize}
+ \item {\bf Search and filter based on custom fields}
+ \item Define rules on what to display in terms of custom fields by default
+ \item Search on related data
+ \item Modify and {\bf extend roles} with metafields
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Sharing group rework}
+ \begin{itemize}
+ \item Match what MISP does
+ \item Sharing group extenders
+ \item {\bf Sync sharing groups to/from MISP}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Cake-fuzzer}
+ \begin{itemize}
+ \item Developped by {\bf Zigrin security}, run by NCIA alumn {\bf Dawid Czarnecki}
+ \item Funded by the {\bf Luxembourg Armed Forces}
+ \item Full blown {\bf fuzzing framework targeting MISP and Cerebrate}
+ \item Long list of {\bf high severity CVEs} discovered
+ \item Constant development, open source
+ \item Will become part of our release CI pipeline
+ \item \url{https://github.com/Zigrin-Security/CakeFuzzer}
+ \end{itemize}
+\end{frame}
+
+
+
+\section{What we're working on}
+
+\begin{frame}
+\frametitle{Issues we're trying to solve as of late for ourselves}
+ \begin{itemize}
+ \item {\bf Contact management} across large interconnected networks
+ \item {\bf Constituency} information
+ \begin{itemize}
+ \item Geographic \& sectorial
+ \item But also technical: CIDR blocks \& AS Numbers
+ \end{itemize}
+ \item Managing our MISP fleets for various use-cases
+ \item {\bf Distribution list} management
+ \item MISP cryptographic signing {\bf PKI} management
+ \begin{itemize}
+ \item MISP's protected event feature
+ \item Future: Protected Sharing groups?
+ \end{itemize}
+ \item Creating data buckets in MISP for better retrieval
+ \item Sub-group self management
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{A bit about our internal topology}
+ \begin{center}
+ \includegraphics[width=1\linewidth]{pictures/our_topology.png}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Deployment}
+ \begin{itemize}
+ \item \textbf{Deploying} the topology above
+ \item Standing up a {\bf NATO community Cerebrate} instance
+ \begin{itemize}
+ \item Details to be finalised, hosted at CIRCL
+ \item Based on previous discussions at MUG and steering board
+ \end{itemize}
+ \item \textbf{Deploying} an Open lookup Cerebrate
+ \item Supporting the finalisation of the CNW deployment
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Development}
+ \begin{itemize}
+ \item Further MISP integrations
+ \item Integration with other tools
+ \item Community centric PKI
+ \begin{itemize}
+ \item Protected mode support
+ \item General data signing support for MISP
+ \end{itemize}
+ \item Mailing group management
+ \end{itemize}
+\end{frame}
+
+
diff --git a/2023-11-14-NATO-MUG/pictures/CSV_exports.png b/2023-11-14-NATO-MUG/pictures/CSV_exports.png
new file mode 100644
index 0000000..41e305b
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/CSV_exports.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/FIRSTCON22-Speaker-Horizontal.png b/2023-11-14-NATO-MUG/pictures/FIRSTCON22-Speaker-Horizontal.png
new file mode 100644
index 0000000..ec4329d
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/FIRSTCON22-Speaker-Horizontal.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/OrgGroup.png b/2023-11-14-NATO-MUG/pictures/OrgGroup.png
new file mode 100644
index 0000000..9da5f3c
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/OrgGroup.png differ
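Review bot: The Cake-fuzzer frame has two spelling slips, `Developped` and `alumn`, and the second MISP management frame has `functinalities`; the lines should read `\item Developed by {\bf Zigrin security}, run by NCIA alumnus {\bf Dawid Czarnecki}` and `\item Quick {\bf pivots} to all tool and connected cerebrate functionalities`. The file also mixes the old `{\bf ...}` font switch with `\textbf{...}` (the Deployment frame uses `\textbf{Deploying}`); using `\textbf{...}` throughout would be consistent, and the same mix appears in the 2023-hacklu-update/content.tex hunk. On the Cake-fuzzer frame, `Long list of {\bf high severity CVEs} discovered` gives the audience nothing to check against, so a pointer to where the fixed releases or advisories are listed would let operators confirm their instances are patched.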
diff --git a/2023-11-14-NATO-MUG/pictures/bokeh_cumulative_org_misppriv.png b/2023-11-14-NATO-MUG/pictures/bokeh_cumulative_org_misppriv.png
new file mode 100644
index 0000000..70a0170
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/bokeh_cumulative_org_misppriv.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/bokeh_new_org.png b/2023-11-14-NATO-MUG/pictures/bokeh_new_org.png
new file mode 100644
index 0000000..129be34
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/bokeh_new_org.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/brood-edit.png b/2023-11-14-NATO-MUG/pictures/brood-edit.png
new file mode 100644
index 0000000..8b0141a
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/brood-edit.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/brood-index.png b/2023-11-14-NATO-MUG/pictures/brood-index.png
new file mode 100644
index 0000000..8f6978d
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/brood-index.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/brood-view.png b/2023-11-14-NATO-MUG/pictures/brood-view.png
new file mode 100644
index 0000000..7c4a2cc
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/brood-view.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/cerebrate-github.png b/2023-11-14-NATO-MUG/pictures/cerebrate-github.png
new file mode 100644
index 0000000..af85229
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/cerebrate-github.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/circl.png b/2023-11-14-NATO-MUG/pictures/circl.png
new file mode 100644
index 0000000..c570ff2
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/circl.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/clippy-hint.png b/2023-11-14-NATO-MUG/pictures/clippy-hint.png
new file mode 100644
index 0000000..ef4415e
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/clippy-hint.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/clippy-hint.xcf b/2023-11-14-NATO-MUG/pictures/clippy-hint.xcf
new file mode 100644
index 0000000..f4ddbb1
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/clippy-hint.xcf differ
diff --git a/2023-11-14-NATO-MUG/pictures/clippy-solo.png b/2023-11-14-NATO-MUG/pictures/clippy-solo.png
new file mode 100644
index 0000000..4c67fd1
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/clippy-solo.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/connection_request.png b/2023-11-14-NATO-MUG/pictures/connection_request.png
new file mode 100644
index 0000000..2d4e103
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/connection_request.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/contact-database-1.png b/2023-11-14-NATO-MUG/pictures/contact-database-1.png
new file mode 100644
index 0000000..ebe07f1
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/contact-database-1.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/contact-database-2.png b/2023-11-14-NATO-MUG/pictures/contact-database-2.png
new file mode 100644
index 0000000..aac35a4
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/contact-database-2.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/enumeration.png b/2023-11-14-NATO-MUG/pictures/enumeration.png
new file mode 100644
index 0000000..7726a2a
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/enumeration.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/firstcon-22.png b/2023-11-14-NATO-MUG/pictures/firstcon-22.png
new file mode 100644
index 0000000..cde72ee
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/firstcon-22.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/firstcon22.png b/2023-11-14-NATO-MUG/pictures/firstcon22.png
new file mode 100644
index 0000000..101de35
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/firstcon22.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/firstcon22.svg b/2023-11-14-NATO-MUG/pictures/firstcon22.svg new file mode 100644 index 0000000..ab0aff9 --- /dev/null +++ b/2023-11-14-NATO-MUG/pictures/firstcon22.svg @@ -0,0 +1,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/2023-11-14-NATO-MUG/pictures/firstcti-hastag.png b/2023-11-14-NATO-MUG/pictures/firstcti-hastag.png new file mode 100644 index 0000000..eaebcbf Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/firstcti-hastag.png differ diff --git a/2023-11-14-NATO-MUG/pictures/firstcti22.png b/2023-11-14-NATO-MUG/pictures/firstcti22.png new file mode 100644 index 0000000..6fd1fb0 Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/firstcti22.png differ diff --git a/2023-11-14-NATO-MUG/pictures/fleet2.png b/2023-11-14-NATO-MUG/pictures/fleet2.png new file mode 100644 index 0000000..5477d77 Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/fleet2.png differ diff --git a/2023-11-14-NATO-MUG/pictures/github-local-tool.png b/2023-11-14-NATO-MUG/pictures/github-local-tool.png new file mode 100644 index 0000000..d34e63d Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/github-local-tool.png differ diff --git a/2023-11-14-NATO-MUG/pictures/guys-chatting.png b/2023-11-14-NATO-MUG/pictures/guys-chatting.png new file mode 100644 index 0000000..93ba195 Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/guys-chatting.png differ diff --git a/2023-11-14-NATO-MUG/pictures/herding_cats.jpeg b/2023-11-14-NATO-MUG/pictures/herding_cats.jpeg new file mode 100644 index 0000000..ea57bb7 Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/herding_cats.jpeg differ diff --git a/2023-11-14-NATO-MUG/pictures/localtool-view.png b/2023-11-14-NATO-MUG/pictures/localtool-view.png new file mode 100644 index 0000000..fbe70d2 Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/localtool-view.png differ 
diff --git a/2023-11-14-NATO-MUG/pictures/localtools-index.png b/2023-11-14-NATO-MUG/pictures/localtools-index.png
new file mode 100644
index 0000000..66ea6a3
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/localtools-index.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/login-page.png b/2023-11-14-NATO-MUG/pictures/login-page.png
new file mode 100644
index 0000000..7b865cd
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/login-page.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/logo.png b/2023-11-14-NATO-MUG/pictures/logo.png
new file mode 100644
index 0000000..82bcaab
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/logo.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/melicertes.png b/2023-11-14-NATO-MUG/pictures/melicertes.png
new file mode 100644
index 0000000..d92eba1
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/melicertes.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/meta-fields-first.png b/2023-11-14-NATO-MUG/pictures/meta-fields-first.png
new file mode 100644
index 0000000..d3426de
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/meta-fields-first.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/meta-template-repo.png b/2023-11-14-NATO-MUG/pictures/meta-template-repo.png
new file mode 100644
index 0000000..ed3f6ba
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/meta-template-repo.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/meta-templates-first.png b/2023-11-14-NATO-MUG/pictures/meta-templates-first.png
new file mode 100644
index 0000000..f62b365
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/meta-templates-first.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/misp-cerebrate.png b/2023-11-14-NATO-MUG/pictures/misp-cerebrate.png
new file mode 100644
index 0000000..cbb932f
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/misp-cerebrate.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/misppriv-usage.png b/2023-11-14-NATO-MUG/pictures/misppriv-usage.png
new file mode 100644
index 0000000..8b48b64
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/misppriv-usage.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/misppriv-user-org-stats.png b/2023-11-14-NATO-MUG/pictures/misppriv-user-org-stats.png
new file mode 100644
index 0000000..d1ab917
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/misppriv-user-org-stats.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/open-directory.png b/2023-11-14-NATO-MUG/pictures/open-directory.png
new file mode 100644
index 0000000..c10c147
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/open-directory.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/orchestration1.png b/2023-11-14-NATO-MUG/pictures/orchestration1.png
new file mode 100644
index 0000000..cf04a2b
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/orchestration1.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/orchestration2.png b/2023-11-14-NATO-MUG/pictures/orchestration2.png
new file mode 100644
index 0000000..d0b198d
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/orchestration2.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/orchestration3.png b/2023-11-14-NATO-MUG/pictures/orchestration3.png
new file mode 100644
index 0000000..65ddc30
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/orchestration3.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/org-circl.png b/2023-11-14-NATO-MUG/pictures/org-circl.png
new file mode 100644
index 0000000..fdf4d19
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/org-circl.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/our_topology.png b/2023-11-14-NATO-MUG/pictures/our_topology.png
new file mode 100644
index 0000000..a441153
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/our_topology.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/pgp.png b/2023-11-14-NATO-MUG/pictures/pgp.png
new file mode 100644
index 0000000..a826ebd
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/pgp.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/sharinggroup.png b/2023-11-14-NATO-MUG/pictures/sharinggroup.png
new file mode 100644
index 0000000..4934a53
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/sharinggroup.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/software-stack.png b/2023-11-14-NATO-MUG/pictures/software-stack.png
new file mode 100644
index 0000000..fb3ac35
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/software-stack.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/theme-1.png b/2023-11-14-NATO-MUG/pictures/theme-1.png
new file mode 100644
index 0000000..fbebd68
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/theme-1.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/theme-2.png b/2023-11-14-NATO-MUG/pictures/theme-2.png
new file mode 100644
index 0000000..0b9c2b8
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/theme-2.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/theme-3.png b/2023-11-14-NATO-MUG/pictures/theme-3.png
new file mode 100644
index 0000000..de5f6aa
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/theme-3.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/tools-made-available.png b/2023-11-14-NATO-MUG/pictures/tools-made-available.png
new file mode 100644
index 0000000..bae70f7
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/tools-made-available.png differ
diff --git a/2023-11-14-NATO-MUG/pictures/topology.png b/2023-11-14-NATO-MUG/pictures/topology.png
new file mode 100644
index 0000000..9fa0fb8
Binary files /dev/null and b/2023-11-14-NATO-MUG/pictures/topology.png differ
diff --git a/2023-11-14-NATO-MUG/slide.tex b/2023-11-14-NATO-MUG/slide.tex
new file mode 100644
index 0000000..6fb5efd
--- /dev/null
+++ b/2023-11-14-NATO-MUG/slide.tex
@@ -0,0 +1,22 @@
+\documentclass{beamer}
+\usetheme[numbering=progressbar]{focus}
+\definecolor{main}{RGB}{83, 31, 117}
+\definecolor{textcolor}{RGB}{0, 0, 0}
+%\definecolor{background}{RGB}{215, 212, 227}
+
+\usepackage[utf8]{inputenc}
+\usepackage{tikz}
+\usepackage{listings}
+\usetikzlibrary{positioning}
+\usetikzlibrary{shapes,arrows}
+
+\author{Team CIRCL}
+\title{Cerebrate update}
+\institute{Cerebrate Project}
+\titlegraphic{\includegraphics[scale=0.15]{pictures/logo.png}}
+\date{NATO MUG 2023-11-14}
+
+\begin{document}
+\include{content}
+\end{document}
+
diff --git a/2023-hacklu-update/content.md b/2023-hacklu-update/content.md
new file mode 100644
index 0000000..6cee4bf
--- /dev/null
+++ b/2023-hacklu-update/content.md
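Review bot: `\include{content}` near the end of the hunk is the chapter-level inclusion command, which issues a `\clearpage` and writes a separate `content.aux`, neither of which a slide body needs; `\input{content}` is the plain file inclusion and fits the "included by the other .tex files" comment at the top of content.tex. `\usepackage{listings}` and the two `\usetikzlibrary` lines look unused by the content.tex added in this commit. If no other deck shares this preamble they could be dropped, otherwise a one-line comment such as `% tikz/listings kept for decks that share this preamble` would explain why they are loaded.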
@@ -0,0 +1,32 @@
+The following topics will be covered along with their implementation in Cerebrate:
+
+- Attendees will learn about a new open source platform solving several, often frustrating issues
+ - Loads of communities
+ - Loads of UUIDs to manually process
+ - Loads of points of contacts
+ - Loads of Sharing Group issues / Inconsistencies
+- An organisation registry for sharing communities utilising open source tools such as MISP
+ - Solution: Simplicity, light and open-source
+ - Technology used: PHP, cakephp4, BS5, ...
+ - Main purpose: Contact DB
+ - Flexible system to store additional information: Meta-template as KV-store
+- How to manage and serve trust information, including organisational information, cryptographic signing keys, mailing lists to a community
+ - Web interface and API to ease interaction
+ - Open directory
+ - Cerebrate information sharing and remote-trust (- Cerebrate-to-Cerebrate connection)
+ - Practical examples:
+ - Sharing group: Share an incident with your constituency
+ - Cryptographic keys repository: MISP protected event Example
+- A tool that help managing local tools
+ - Local tools: Design and Connectors
+ - Example: MISP Fleet management
+- Open dialogues to community members to request tool to tool interconnections
+ - Exposed local tools
+ - SYN, SYN/ACK, ACK ( People chatting)
+ - Local tool inter-connection via synchronisation configuration profiles
+ - Examepl: MISP Inter-connection
+- Roadmap
+ - Integration with other tools
+ - Ticketing systems
+ - Mailing list (Mailman)
+ - Messaging App (mattermost)
\ No newline at end of file
diff --git a/2023-hacklu-update/content.tex b/2023-hacklu-update/content.tex
new file mode 100644
index 0000000..7027cb4
--- /dev/null
+++ b/2023-hacklu-update/content.tex
@@ -0,0 +1,245 @@
+% DO NOT COMPILE THIS FILE DIRECTLY!
+% This is included by the other .tex files.
+
+\begin{frame}[t,plain]
+\titlepage
+\end{frame}
+
+\begin{frame}
+\frametitle{What is Cerebrate?}
+ \begin{itemize}
+ \item A new-ish OSS Community management and orchestration platform
+ \item Takes care of:
+ \begin{itemize}
+ \item {\bf Contact library} management
+ \item {\bf Constituency} lookup
+ \item {\bf Interconnection} Orchestration
+ \item {\bf Tool management and orchestration}
+ \item {\bf Sharing group} distribution and management
+ \item {\bf Cryptographic key} lookup
+ \item Shared services {\bf access management}
+ \end{itemize}
+ \item Developed initially as part of:
+ \end{itemize}
+ \vspace{0.5em}
+ \begin{center}
+ \includegraphics[width=0.55\linewidth]{pictures/melicertes.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Managing large communities is difficult}
+ \begin{itemize}
+ \item Our MISP communities started out small
+ \item Most communities acted as islands
+ \item Interconnecting communities came with its own problems
+ \begin{itemize}
+ \item {\bf Interconnection requests}
+ \item {\bf Organisation management}
+ \item {\bf Enrollment} process
+ \end{itemize}
+ \item Finding and communicating with the right parties is difficult
+ \item Managing multiple MISP instances can be tedious
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{A bit about our internal topology}
+ \begin{center}
+ \includegraphics[width=1\linewidth]{pictures/our_topology.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Some stats about one of our MISP instance: MISPPriv}
+ \begin{center}
+ \includegraphics[width=0.6\linewidth]{pictures/misppriv-user-org-stats.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Issues we're trying to solve}
+ \begin{itemize}
+ \item {\bf Contact management} across large interconnected networks
+ \begin{itemize}
+ \item ORG uuids, capabilities, individuals, etc
+ \end{itemize}
+ \item {\bf Constituency} information
+ \begin{itemize}
+ \item Geographic \& sectorial
+ \item But also technical: CIDR blocks \& AS Numbers
+ \end{itemize}
+ \item Managing local tools, especially {\bf fleets of MISPs}
+ \item Common access control management
+ \item {\bf Distribution list} management
+ \item MISP cryptographic signing {\bf PKI} management
+ \begin{itemize}
+ \item MISP's protected event feature
+ \item Future: Protected Sharing groups?
+ \end{itemize}
+ \item Community centric {\bf data modelling}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Cerebrate's contact database}
+ \begin{itemize}
+ \item Contact database for the CSIRT network
+ \begin{itemize}
+ \item Common contact fields such as \texttt{UUID}, \texttt{name}, \texttt{contact email address}, \texttt{nationality}, \texttt{URL}, ...
+ \end{itemize}
+ \end{itemize}
+ \begin{center}
+ \includegraphics[width=0.8\linewidth]{pictures/contact-database-1.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Cerebrate's contact database: Meta-fields}
+ \begin{itemize}
+ \item Flexible system to store additional information: \texttt{meta-fields} (KV-store)
+ \item These \texttt{meta-fields} are part of a larger structure called \texttt{meta-templates}
+ \item Support of {\bf multiple templates} used by various entities out there
+ \begin{itemize}
+ \item FIRST Directory
+ \item ENISA CSIRT inventory
+ \item CSIRT Constituency (CIDR blocks, AS Numbers, ...)
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Cerebrate's contact database: Meta-fields}
+\begin{center}
+ \includegraphics[width=0.99\linewidth]{pictures/meta-fields-first.png}
+\end{center}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Cerebrate's contact database}
+ \begin{center}
+ \includegraphics[width=0.99\linewidth]{pictures/contact-database-2.png}
+ \end{center}
+\end{frame}
+
+
+
+\begin{frame}
+\frametitle{Managing local tools}
+ \begin{itemize}
+ \item Cerebrate exposes a modular system to {\bf manage these local tools}
+ \item Based on a configuration file, user interfaces can be created to visualise data and instruct local tools to perform operations
+ \end{itemize}
+ \begin{center}
+ \includegraphics[width=1.0\linewidth]{pictures/github-local-tool.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Local tools: MISP Connector capabilities}
+ \begin{itemize}
+ \item \textbf{Configure} a MISP instances via server settings
+ \item \textbf{Push and Pull} Organisations \& Sharing Groups
+ \item \textbf{Diagnose} other connected MISP servers
+ \item \textbf{Manage} users
+ \item \textbf{Custom} actions are easy to integrated beyond the initial scope
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Local tool interconnection via Cerebrate}
+ \begin{itemize}
+ \item Cerebrate's main goal is to \textbf{ease community management}
+ \item Select which local tools are meant to be exposed to the community for requests
+ \item Open dialogues to community members to request tool-to-tool interconnections
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Local tool interconnection via Cerebrate}
+ Cerebrate can leverage its access to local tool to reach out to tools from other Cerebrate nodes
+ \begin{center}
+ \includegraphics[width=0.85\linewidth]{pictures/tools-made-available.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Development update}
+ \begin{itemize}
+ \item 6 releases
+ \item 388 commits
+ \item Ongoing work on the community management aspect...
+ \item ...as well as orchestration
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Development update}
+ \begin{itemize}
+ \item A long list of fixes and improvements
+ \item Tight collaboration with {\bf ENISA and the CSIRT-network}
+ \item Ongoing pilot programme at CNW
+ \item Implementing new CSIRT-network use-cases
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Development update}
+ \begin{itemize}
+ \item Improved {\bf controls via customisable, IAM exposed permissions}
+ \item Tooling for creating {\bf vocabularies for custom field pre-sets} (enumerations)
+ \item Versioning and updates of existing data for new metafield library versions
+ \item An additional layer of grouping and self-governance
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Upcoming fleet release}
+ \begin{itemize}
+ \item New graphical UI for managing local tools and sync connections
+ \item Rework of sharing groups to be closer in-line with MISP
+ \item Diagnostic tools for MISP instances, exposing common misconfigurations
+ \begin{itemize}
+ \item PHP settings
+ \item Worker health and stuck queues
+ \item Out of date warnings
+ \item MySQL settings
+ \end{itemize}
+ \item Improvements to the local tool common tools library
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Fleet management}
+ \begin{center}
+ \includegraphics[width=1\linewidth]{pictures/topology.png}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Fleet management}
+ \begin{center}
+ \includegraphics[width=1\linewidth]{pictures/fleet2.png}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Current roadmap}
+ \begin{itemize}
+ \item Upcoming {\bf fleet management} release
+ \item {\bf Sharing groups} rework
+ \item Data {\bf signing / validation}
+ \begin{itemize}
+ \item Community centric PKI
+ \item Enable data validation services for tools such as MISP
+ \end{itemize}
+ \item {\bf Integration with other tools}
+ \begin{itemize}
+ \item Ticketing systems
+ \item Tighter Mailing list integration (Mailman)
+ \item Messaging App (Mattermost)
+ \end{itemize}
+ \end{itemize}
+\end{frame}
diff --git a/2023-hacklu-update/pictures/FIRSTCON22-Speaker-Horizontal.png b/2023-hacklu-update/pictures/FIRSTCON22-Speaker-Horizontal.png
new file mode 100644
index 0000000..ec4329d
Binary files /dev/null and b/2023-hacklu-update/pictures/FIRSTCON22-Speaker-Horizontal.png differ
diff --git a/2023-hacklu-update/pictures/bokeh_cumulative_org_misppriv.png b/2023-hacklu-update/pictures/bokeh_cumulative_org_misppriv.png
new file mode 100644
index 0000000..70a0170
Binary files /dev/null and b/2023-hacklu-update/pictures/bokeh_cumulative_org_misppriv.png differ
diff --git a/2023-hacklu-update/pictures/bokeh_new_org.png b/2023-hacklu-update/pictures/bokeh_new_org.png
new file mode 100644
index 0000000..129be34
Binary files /dev/null and b/2023-hacklu-update/pictures/bokeh_new_org.png differ
diff --git a/2023-hacklu-update/pictures/brood-edit.png b/2023-hacklu-update/pictures/brood-edit.png
new file mode 100644
index 0000000..8b0141a
Binary files /dev/null and b/2023-hacklu-update/pictures/brood-edit.png differ
diff --git a/2023-hacklu-update/pictures/brood-index.png b/2023-hacklu-update/pictures/brood-index.png
new file mode 100644
index 0000000..8f6978d
Binary files /dev/null and b/2023-hacklu-update/pictures/brood-index.png differ
diff --git a/2023-hacklu-update/pictures/brood-view.png b/2023-hacklu-update/pictures/brood-view.png
new file mode 100644
index 0000000..7c4a2cc
Binary files /dev/null and b/2023-hacklu-update/pictures/brood-view.png differ
diff --git a/2023-hacklu-update/pictures/cerebrate-github.png b/2023-hacklu-update/pictures/cerebrate-github.png
new file mode 100644
index 0000000..af85229
Binary files /dev/null and b/2023-hacklu-update/pictures/cerebrate-github.png differ
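Review bot: Several lines have number-agreement slips that will show on the slides: `one of our MISP instance` in the MISPPriv frame title, `a MISP instances` and `easy to integrated` in the MISP Connector capabilities frame, and `its access to local tool` in the second interconnection frame. Suggested wording: `\item \textbf{Configure} a MISP instance via server settings`, `\item \textbf{Custom} actions are easy to integrate beyond the initial scope`, and `\frametitle{Some stats about one of our MISP instances: MISPPriv}`. The `\vspace{0.5em}` before the Melicertes logo is manual spacing that could probably be dropped, since the `center` environment already adds vertical space.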
diff --git a/2023-hacklu-update/pictures/circl.png b/2023-hacklu-update/pictures/circl.png
new file mode 100644
index 0000000..c570ff2
Binary files /dev/null and b/2023-hacklu-update/pictures/circl.png differ
diff --git a/2023-hacklu-update/pictures/clippy-hint.png b/2023-hacklu-update/pictures/clippy-hint.png
new file mode 100644
index 0000000..ef4415e
Binary files /dev/null and b/2023-hacklu-update/pictures/clippy-hint.png differ
diff --git a/2023-hacklu-update/pictures/clippy-hint.xcf b/2023-hacklu-update/pictures/clippy-hint.xcf
new file mode 100644
index 0000000..f4ddbb1
Binary files /dev/null and b/2023-hacklu-update/pictures/clippy-hint.xcf differ
diff --git a/2023-hacklu-update/pictures/clippy-solo.png b/2023-hacklu-update/pictures/clippy-solo.png
new file mode 100644
index 0000000..4c67fd1
Binary files /dev/null and b/2023-hacklu-update/pictures/clippy-solo.png differ
diff --git a/2023-hacklu-update/pictures/connection_request.png b/2023-hacklu-update/pictures/connection_request.png
new file mode 100644
index 0000000..2d4e103
Binary files /dev/null and b/2023-hacklu-update/pictures/connection_request.png differ
diff --git a/2023-hacklu-update/pictures/contact-database-1.png b/2023-hacklu-update/pictures/contact-database-1.png
new file mode 100644
index 0000000..ebe07f1
Binary files /dev/null and b/2023-hacklu-update/pictures/contact-database-1.png differ
diff --git a/2023-hacklu-update/pictures/contact-database-2.png b/2023-hacklu-update/pictures/contact-database-2.png
new file mode 100644
index 0000000..aac35a4
Binary files /dev/null and b/2023-hacklu-update/pictures/contact-database-2.png differ
diff --git a/2023-hacklu-update/pictures/firstcon-22.png b/2023-hacklu-update/pictures/firstcon-22.png
new file mode 100644
index 0000000..cde72ee
Binary files /dev/null and b/2023-hacklu-update/pictures/firstcon-22.png differ
diff --git a/2023-hacklu-update/pictures/firstcon22.png b/2023-hacklu-update/pictures/firstcon22.png new file mode 100644 index 0000000..101de35 Binary files /dev/null and b/2023-hacklu-update/pictures/firstcon22.png differ diff --git a/2023-hacklu-update/pictures/firstcon22.svg b/2023-hacklu-update/pictures/firstcon22.svg new file mode 100644 index 0000000..ab0aff9 --- /dev/null +++ b/2023-hacklu-update/pictures/firstcon22.svg @@ -0,0 +1,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/2023-hacklu-update/pictures/firstcti-hastag.png b/2023-hacklu-update/pictures/firstcti-hastag.png new file mode 100644 index 0000000..eaebcbf Binary files /dev/null and b/2023-hacklu-update/pictures/firstcti-hastag.png differ diff --git a/2023-hacklu-update/pictures/firstcti22.png b/2023-hacklu-update/pictures/firstcti22.png new file mode 100644 index 0000000..6fd1fb0 Binary files /dev/null and b/2023-hacklu-update/pictures/firstcti22.png differ diff --git a/2023-hacklu-update/pictures/fleet2.png b/2023-hacklu-update/pictures/fleet2.png new file mode 100644 index 0000000..5477d77 Binary files /dev/null and b/2023-hacklu-update/pictures/fleet2.png differ diff --git a/2023-hacklu-update/pictures/github-local-tool.png b/2023-hacklu-update/pictures/github-local-tool.png new file mode 100644 index 0000000..d34e63d Binary files /dev/null and b/2023-hacklu-update/pictures/github-local-tool.png differ diff --git a/2023-hacklu-update/pictures/guys-chatting.png b/2023-hacklu-update/pictures/guys-chatting.png new file mode 100644 index 0000000..93ba195 Binary files /dev/null and b/2023-hacklu-update/pictures/guys-chatting.png differ diff --git a/2023-hacklu-update/pictures/herding_cats.jpeg b/2023-hacklu-update/pictures/herding_cats.jpeg new file mode 100644 index 0000000..ea57bb7 Binary files /dev/null and b/2023-hacklu-update/pictures/herding_cats.jpeg differ 
diff --git a/2023-hacklu-update/pictures/localtool-view.png b/2023-hacklu-update/pictures/localtool-view.png
new file mode 100644
index 0000000..fbe70d2
Binary files /dev/null and b/2023-hacklu-update/pictures/localtool-view.png differ
diff --git a/2023-hacklu-update/pictures/localtools-index.png b/2023-hacklu-update/pictures/localtools-index.png
new file mode 100644
index 0000000..66ea6a3
Binary files /dev/null and b/2023-hacklu-update/pictures/localtools-index.png differ
diff --git a/2023-hacklu-update/pictures/login-page.png b/2023-hacklu-update/pictures/login-page.png
new file mode 100644
index 0000000..7b865cd
Binary files /dev/null and b/2023-hacklu-update/pictures/login-page.png differ
diff --git a/2023-hacklu-update/pictures/logo.png b/2023-hacklu-update/pictures/logo.png
new file mode 100644
index 0000000..82bcaab
Binary files /dev/null and b/2023-hacklu-update/pictures/logo.png differ
diff --git a/2023-hacklu-update/pictures/melicertes.png b/2023-hacklu-update/pictures/melicertes.png
new file mode 100644
index 0000000..d92eba1
Binary files /dev/null and b/2023-hacklu-update/pictures/melicertes.png differ
diff --git a/2023-hacklu-update/pictures/meta-fields-first.png b/2023-hacklu-update/pictures/meta-fields-first.png
new file mode 100644
index 0000000..d3426de
Binary files /dev/null and b/2023-hacklu-update/pictures/meta-fields-first.png differ
diff --git a/2023-hacklu-update/pictures/meta-template-repo.png b/2023-hacklu-update/pictures/meta-template-repo.png
new file mode 100644
index 0000000..ed3f6ba
Binary files /dev/null and b/2023-hacklu-update/pictures/meta-template-repo.png differ
diff --git a/2023-hacklu-update/pictures/meta-templates-first.png b/2023-hacklu-update/pictures/meta-templates-first.png
new file mode 100644
index 0000000..f62b365
Binary files /dev/null and b/2023-hacklu-update/pictures/meta-templates-first.png differ
diff --git a/2023-hacklu-update/pictures/misp-cerebrate.png b/2023-hacklu-update/pictures/misp-cerebrate.png
new file mode 100644
index 0000000..cbb932f
Binary files /dev/null and b/2023-hacklu-update/pictures/misp-cerebrate.png differ
diff --git a/2023-hacklu-update/pictures/misppriv-usage.png b/2023-hacklu-update/pictures/misppriv-usage.png
new file mode 100644
index 0000000..8b48b64
Binary files /dev/null and b/2023-hacklu-update/pictures/misppriv-usage.png differ
diff --git a/2023-hacklu-update/pictures/misppriv-user-org-stats.png b/2023-hacklu-update/pictures/misppriv-user-org-stats.png
new file mode 100644
index 0000000..d1ab917
Binary files /dev/null and b/2023-hacklu-update/pictures/misppriv-user-org-stats.png differ
diff --git a/2023-hacklu-update/pictures/open-directory.png b/2023-hacklu-update/pictures/open-directory.png
new file mode 100644
index 0000000..c10c147
Binary files /dev/null and b/2023-hacklu-update/pictures/open-directory.png differ
diff --git a/2023-hacklu-update/pictures/org-circl.png b/2023-hacklu-update/pictures/org-circl.png
new file mode 100644
index 0000000..fdf4d19
Binary files /dev/null and b/2023-hacklu-update/pictures/org-circl.png differ
diff --git a/2023-hacklu-update/pictures/our_topology.png b/2023-hacklu-update/pictures/our_topology.png
new file mode 100644
index 0000000..a441153
Binary files /dev/null and b/2023-hacklu-update/pictures/our_topology.png differ
diff --git a/2023-hacklu-update/pictures/pgp.png b/2023-hacklu-update/pictures/pgp.png
new file mode 100644
index 0000000..a826ebd
Binary files /dev/null and b/2023-hacklu-update/pictures/pgp.png differ
diff --git a/2023-hacklu-update/pictures/sharinggroup.png b/2023-hacklu-update/pictures/sharinggroup.png
new file mode 100644
index 0000000..4934a53
Binary files /dev/null and b/2023-hacklu-update/pictures/sharinggroup.png differ
diff --git a/2023-hacklu-update/pictures/software-stack.png b/2023-hacklu-update/pictures/software-stack.png
new file mode 100644
index 0000000..fb3ac35
Binary files /dev/null and b/2023-hacklu-update/pictures/software-stack.png differ
diff --git a/2023-hacklu-update/pictures/theme-1.png b/2023-hacklu-update/pictures/theme-1.png
new file mode 100644
index 0000000..fbebd68
Binary files /dev/null and b/2023-hacklu-update/pictures/theme-1.png differ
diff --git a/2023-hacklu-update/pictures/theme-2.png b/2023-hacklu-update/pictures/theme-2.png
new file mode 100644
index 0000000..0b9c2b8
Binary files /dev/null and b/2023-hacklu-update/pictures/theme-2.png differ
diff --git a/2023-hacklu-update/pictures/theme-3.png b/2023-hacklu-update/pictures/theme-3.png
new file mode 100644
index 0000000..de5f6aa
Binary files /dev/null and b/2023-hacklu-update/pictures/theme-3.png differ
diff --git a/2023-hacklu-update/pictures/tools-made-available.png b/2023-hacklu-update/pictures/tools-made-available.png
new file mode 100644
index 0000000..bae70f7
Binary files /dev/null and b/2023-hacklu-update/pictures/tools-made-available.png differ
diff --git a/2023-hacklu-update/pictures/topology.png b/2023-hacklu-update/pictures/topology.png
new file mode 100644
index 0000000..9fa0fb8
Binary files /dev/null and b/2023-hacklu-update/pictures/topology.png differ
diff --git a/2023-hacklu-update/slide.tex b/2023-hacklu-update/slide.tex
new file mode 100644
index 0000000..c8569c3
--- /dev/null
+++ b/2023-hacklu-update/slide.tex
@@ -0,0 +1,22 @@
+\documentclass{beamer}
+\usetheme[numbering=progressbar]{focus}
+\definecolor{main}{RGB}{83, 31, 117}
+\definecolor{textcolor}{RGB}{0, 0, 0}
+%\definecolor{background}{RGB}{215, 212, 227}
+
+\usepackage[utf8]{inputenc}
+\usepackage{tikz}
+\usepackage{listings}
+\usetikzlibrary{positioning}
+\usetikzlibrary{shapes,arrows}
+
+\author{Team CIRCL}
+\title{Cerebrate intro and development update}
+\institute{Cerebrate Project}
+\titlegraphic{\includegraphics[scale=0.15]{pictures/logo.png}}
+\date{CTI Summit 2023}
+
+\begin{document}
+\include{content}
+\end{document}
+
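Review bot: The `\include{content}` line near the end of the new slide.tex would be better written as `\input{content}`. `\include` forces a `\clearpage` on either side and writes a separate `content.aux`, neither of which a single-body beamer deck needs, and it cannot be nested if content.tex later pulls in further files. The commented-out `%\definecolor{background}{RGB}{215, 212, 227}` is dead configuration; either drop it or give it a short comment such as `% optional: light background for projector use`. The part of content.tex visible here uses only `itemize` and `\includegraphics`, so it may be worth confirming that `tikz`, `listings` and the two `\usetikzlibrary` lines are still needed by this deck.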