Compare commits
4 Commits
a6c9bd4f5d
...
721906706e
Author | SHA1 | Date |
---|---|---|
Sami Mokaddem | 721906706e | |
Sami Mokaddem | 71b31f5116 | |
Sami Mokaddem | f814573ae4 | |
iglocska | 5187338f28 |
|
@ -31,6 +31,10 @@
|
|||
\item Cryptographic key lookup
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\vspace{0.5em}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.55\linewidth]{pictures/melicertes.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
|
@ -41,10 +45,10 @@
|
|||
\item Interconnecting communities came with its own problems
|
||||
\begin{itemize}
|
||||
\item Interconnection requests
|
||||
\item Organisation managmeent
|
||||
\item Organisation management
|
||||
\item Enrollment process
|
||||
\end{itemize}
|
||||
\item Finding and communicating with the right parties difficult
|
||||
\item Finding and communicating with the right parties is difficult
|
||||
\item Managing multiple MISP instances can be tedious
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
@ -81,11 +85,21 @@
|
|||
\begin{itemize}
|
||||
\item {Non-technical issues}
|
||||
\begin{itemize}
|
||||
\item Sharing difficulties in terms of social interactions (e.g trust)
|
||||
\item Overwhelming amount of points of contacts
|
||||
\item Sharing difficulties in terms of social interactions (e.g trust)
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\vspace{1em}
|
||||
\begin{minipage}{0.27\textwidth}
|
||||
\includegraphics[scale=0.4]{pictures/firstcti-hastag.png}
|
||||
\end{minipage}
|
||||
\begin{minipage}{0.6\textwidth}
|
||||
{\large greatly helps in that aspect!}
|
||||
\end{minipage}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Issues we're trying to solve}
|
||||
\begin{itemize}
|
||||
\item {Technical issues}
|
||||
\begin{itemize}
|
||||
|
@ -95,7 +109,7 @@
|
|||
\end{itemize}
|
||||
\end{itemize}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.8\linewidth]{pictures/org-circl.png}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/org-circl.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
@ -107,6 +121,7 @@
|
|||
\item Geographic \& sectorial
|
||||
\item But also technical: CIDR blocks \& AS Numbers
|
||||
\end{itemize}
|
||||
\vspace{0.5em}
|
||||
\item Cryptographic key lookup for information signing
|
||||
\begin{itemize}
|
||||
\item MISP's protected event feature
|
||||
|
@ -216,8 +231,8 @@
|
|||
\item These \texttt{meta-fields} are part of a larger structure called \texttt{meta-templates}
|
||||
\item Support of multiple templates used by various entities out there
|
||||
\begin{itemize}
|
||||
\item ENISA CSIRT inventory
|
||||
\item FIRST Directory
|
||||
\item ENISA CSIRT inventory
|
||||
\item CSIRT Constituency (CIDR blocks, AS Numbers, ...)
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
|
@ -319,18 +334,6 @@ Basically the same strategy as the one used in MISP:
|
|||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Data sharing: Planned synchronisation strategies}
|
||||
Two synchronisation strategies:
|
||||
\begin{enumerate}
|
||||
\item \textbf{Standard}: Only fetch and save new records
|
||||
\item \textbf{Trusted upstream source}: Remote Cerebrate acts as an authoritative instance
|
||||
\end{enumerate}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.7\linewidth]{pictures/brood-edit.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Managing local tools}
|
||||
Why would Cerebrate have integration with other tools?
|
||||
|
@ -348,11 +351,11 @@ Why would Cerebrate have integration with other tools?
|
|||
\frametitle{Managing local tools}
|
||||
There will inevitably be integration between local tools and Cerebrate. Why not go a step further?
|
||||
\begin{itemize}
|
||||
\item Cerebrate exposes a modular system to manage these local tools
|
||||
\item Cerebrate exposes a modular system to {\bf manage these local tools}
|
||||
\item Based on a configuration file, user interfaces can be created to visualise data and instruct local tools to perform operations
|
||||
\end{itemize}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.9\linewidth]{pictures/github-local-tool.png}
|
||||
\includegraphics[width=1.0\linewidth]{pictures/github-local-tool.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
|
@ -409,27 +412,6 @@ There will inevitably be integration between local tools and Cerebrate. Why not
|
|||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Local tool interconnection via Cerebrate}
|
||||
\begin{itemize}
|
||||
\item Local tools can be \textbf{exposed} to other Cerebrate nodes
|
||||
\item \textbf{Inter-connection requests} can be issued from one node to another
|
||||
\item Following a 3-way handshake protocol, inter-connections can be:
|
||||
\begin{itemize}
|
||||
\item Issued
|
||||
\item Accepted
|
||||
\item Finalised
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Local tool interconnection via Cerebrate}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.40\linewidth]{pictures/guys-chatting.png}
|
||||
\end{center}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{MISP interconnection via Cerebrate}
|
||||
\begin{center}
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 4.9 KiB |
Binary file not shown.
After Width: | Height: | Size: 38 KiB |
Loading…
Reference in New Issue