MISP Kickstart (July 2024 Sessions, 8 hours over 2 Days)
Event description
MISP Kickstart provides a comprehensive introduction to the popular Open Source Threat
Intelligence and Sharing Platform, "MISP", with lab scenarios closely based on real-world use cases.
Facilitated by two of Australia's foremost CTI experts, this course will establish a foundational understanding of the practical applications of the MISP Threat Intelligence Platform.
- Participants will follow lab scenarios based on real-world use cases, including setting up a local MISP instance, configuring an organisation and users, and creating events and information based on the threat profile of an organisation and its industry vertical.
- Participants will gain an understanding of the common use cases for MISP, learn how to set up and manage sharing
communities, select relevant threat feeds (and also ones to avoid!) and how to utilise automation workflows.
- Alongside the good, this course also covers the bad and the ugly. Upgrades don’t always go to plan, databases randomly fall over, events can duplicate seemingly on their own. We provide guidance on how to troubleshoot and fix these issues as they arise.
This isn't just another dry "RTFM" walkthrough. Participants will be challenged by an engaging lab scenario that
mimics real world use cases and CTI sharing scenarios.
By the end of the course you’ll have:
- A working instance of MISP, and will be able to export events so that if you decide to run MISP in production you won’t need to do the work again.
- The knowledge and skills to set up MISP to meet your own personal or organisational requirements, and
- Understand how to effectively leverage the world's most popular open source threat intelligence platform.
July 2024 Sessions
The course will be delivered across two half days, 8 hours in total. Participants need to attend both days to complete the course.
There are three separate sessions, make sure you choose the correct one for your timezone and preference when you select your ticket.
- AM Schedule: 22nd - 23rd July 2024: 9am - 1pm each day. AEST, GMT +10
- PM Schedule: 24th July - 25th July 2024: 1pm - 5pm each day. AEST, GMT +10
- US Eastern: 30th July - 31st July: 9am - 1pm each day. EDT, GMT -4
Course benefits
- Gain proficiency in MISP setup and configuration.
- Enhance your threat intelligence analysis skills.
- Streamline threat detection and response with MISP.
- Understand the importance of threat sharing in today's cybersecurity landscape.
- Access a supportive network of professionals in the field.
Course materials
- Participants will receive course materials, including slides, documentation, and practical exercises. Access to MISP community resources, forums, and further reading materials will be provided to support ongoing learning.
Who should attend
MISP Kickstart training class is designed to benefit a wide range of individuals interested in cybersecurity and threat intelligence sharing including;
- SOC analysts and personnel who monitor and respond to security incidents can use MISP to improve their threat detection and response capabilities.
- Personnel in law enforcement and government agencies dealing with cybersecurity and threat intelligence can leverage MISP for threat sharing.
- Researchers exploring cybersecurity threats and vulnerabilities can use MISP to aggregate, analyse, and share threat intelligence.
- System or network administrators interested in understanding how to set up and maintain a MISP instance for their organisation.
Participants will need
In order to complete this course, participants will require the following:
- A laptop on which they have administrative privileges to install software, download software and information.
- Have at least 50GB of free hard drive space and be able to allocate 4GB of RAM to a virtual machine.
- Be familiar with working on the command line.
- A Discord account.
Tickets for good, not greed Humanitix dedicates 100% of profits from booking fees to charity