Sold Out

Incident Response and Cyber Threat Intelligence with TheHive, Cortex & MISP

Event Information

Location

Banca d'Italia - Centro Donato Menichella della Banca d'Italia (CDM)

Viale Luigi Einaudi

00044

Italy

Event description

Saâd Kadhi leads a large CERT at a reputable French financial institution. TheHive and Cortex are his brainchildren. He has been working in information security for twenty years. A decade ago, he was exposed to DFIR and what we call threat intelligence nowadays, and developed a passion for these fields. He co-organizes Botconf, the botnet fighting conference, and frequently writes infosec articles. He has also been a speaker at several events throughout the world.

The goal of the tutorial is to familiarize participants with Incident Response and Cyber Threat Intelligence using TheHive, a Security Incident Response Platform; Cortex, a powerful observable analysis engine; and MISP, a popular threat sharing platform. All software is free and open source.

Agenda: what is Incident Response and Cyber Threat Intelligence in 2018, overview of the software stack, installation and configuration, an IR case study, the CTI-IR cycle case study.

  • Intended audience: security/SOC analysts, CSIRT/CERT team members

  • Prerequisites:

    • It is important that you are able to connect with SSH to the VMs.
    • This assumes that you know how to configure the Guest VM to have an IP visible on the Host.
  • Requirements: students must bring:

    • Hardware requirements:
      • 1.4+ GHz, single-core
      • 4+ GB of RAM
      • 15 GB of disk space
      • Blank USB stick, just in case
      • Internet connectivity on-site
      • Bottom line: you need to be able to decently run at least one VM running Apache/PHP/Python3.

    • Software requirements:
      • Host OS: Win/*NIX with administrator rights
      • Virtualization environment: VMware Workstation (recent) / Fusion (recent) or VirtualBox (recent)
      • Full access rights for USB devices and network interfaces

The course will be given in English.
