Raphaël Vinot, CIRCL Operator, Computer Incident Response Center Luxembourg
Raphaël Vinot is a longstanding member of the Computer Incident Response Center Luxembourg (CIRCL) and of the Malware Information Sharing Platform (MISP).
Workshop: Incident Response in the Age of Threat Intelligence with MISP, TheHive & Cortex
The goal of the tutorial is to familiarize participants with Incident Response and Cyber Threat Intelligence using TheHive — a Security Incident Response Platform, Cortex — a powerful observable analysis engine, and MISP — the de facto standard platform for threat sharing.
All software is free and open source.
- What is Incident Response and Cyber Threat Intelligence in 2018
- Overview of the software stack
- Simple case study
- Dealing with notifications
- How CTI feeds IR
- How IR feeds CTI
- Advanced case study
Attendees need a laptop capable of running the virtual machines (VirtualBox or VMware) provided by the trainers.