Course overview
Malware Intelligence Sharing Platform (MISP) is an open source platform designed to support collaboration around threat intelligence in the cyber security community. It enables users to share, store, and exchange malware indicators and security analytics.
The MISP Foundation training course will help you to understand the basic MISP concepts and practical skills to set up and use the MISP tool for threat intelligence sharing and enrichment. You'll be able to dive deep, ask questions, work through solutions, and use hands-on lab practices. You'll get assistance and support from an experienced MISP instructor and premium MISP developer with deep technical knowledge and real examples.
This is a fundamental-level course and is a prerequisite for the Advanced MISP for Developers and System Administrators course. The course is a TWO Days course that delivered either face-to-face, or through online virtual class.
This course is delivered by RESINT Technology.
Course details
COURSE OUTLINE
-
MISP as a threat intelligence sharing platform
-
MISP setup walk-through
-
The MISP data model
-
Threat intelligence contextualisation in MISP
-
Incident encoding
-
Information correlation
-
Threat intelligence sharing
-
Basic report generation
-
Best practices to encode threat intelligence
-
MISP synchronisation and feeds
Hands-on lab practices:
-
Setting up MISP instances
-
Conducting various enrichments in MISP
-
Generating threat intelligence
-
Sharing the threat intelligence with other MISP users
