MISP training – Prague 2021 (4th year)
14.09. – 15.09.2021
We would like to invite you to two-day training sessions full of MISP (Malware Information Sharing Platform & Threat Sharing) and AIL (modular framework to analyse potential information leaks).
The purpose is to reach out to security analysts using MISP as a threat intelligence platform along with users using it as an information sharing platform. The MISP training will demonstrate how the platform works; explain how to share, comment, and contribute data, and describe the future of development.
This is an opportunity…
- for the users to meet the developers and other users of MISP,
- to exchange information about potential improvements or use-cases using MISP as a threat-intelligence platform,
- to become a member of international community,
- to get last information about AIL and CyCAT(Meow).
Second day of the training is designed for developers and advanced users. It will be focused on the extension aspects of MISP including API, ZMQ or even contributing to the core software. There will be space for info about AIL – modular framework to analyse potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams.
Training is designed for Security Engineers, ICT Administrators, Analysts Prerequisites with good knowledge of information security fundamentals.
We will speak in English; training, info materials, parking, refreshment, and coffee are for free. You need only your laptop.
Training _about
MISP _users
introduction to MISP and information sharing; user perspective; new functionalities; platform control; integration; misp-dashboard; taxonomies; warning lists; galaxies and objects; modules; – user perspective
MISP _sharing
practical experience of SPCSS within the Ministry of Finance; MISP platform for a specific use
MISP _developers
API and hands on; implementation and settings; information leaks; (AIL) framework; data flow analysis (Pasterbin, Darkweb, Tor…)
MISP _newz
Latest from MISP development especially in context of Event report or Deacying indicators.
AIL _extra
There has been a lot of development last year on this platform. The changes will be presented by developers.
CyCAT _bonus
CyCAT or the CYbersecurity Resource CATalogue aims at mapping and documenting all the available cybersecurity tools, rules, playbooks, processes and controls.
On-site _ONLY (in Czech and English):
Get your MISP _onsite
Practical information on how to deploy MISP in your organization (especially state) with the support of SPCSS.
SPCSS _onsite
The latest information from the field of active cyber security, cloud security and the state part of the government cloud.
NÚKIB _onsite
National Cyber and Information Security Agency (aka NÚKIB in Czech) will update you on the latest news regarding the national instance of MISP.
Networking _onsite
Yes, meeting people in person still exists. Come and meet experts in the field!
Timetable
1st day
8.30 – 9.00 | Registration and breakfast |
9.00 – 9.15 | SPCSS intro |
9.15 – 12.00 | MISP – administrator (Online)* |
12.00 – 13.00 | Lunch break |
13.00 – 16.00 | MISP – administrator (Online) |
2nd day
8.30 – 9.00 | Registration and breakfast |
9.00 – 12.00 | MISP – developer (Online) |
12.00 – 13.00 | Lunch break |
13.00 – 14.00 | MISP – developer |
14.00 – 15.00 | AIL (Online) |
15.00 – 15.30 | CyCAT (Online) |
15.30 – 15.45 | SPCSS – MISP |
15.45 – 16.00 | NÚKIB – MISP |
… and coffee breaks.
*(Online) These parts are available online.
Please fill in your registration till
10th of September 2021
and wait for confirmation your registration. The training is on site and capacity is limited.
There is an opportunity to complete the training on-site or on-line. Please select your choice. Participation on the site is intended for 30-person only. You will need vaccination certificate (anti covid) or negative AG, PCR test for participation.
Host:
Státní pokladna Centrum sdílených služeb, s. p. (SPCSS)