MISP is the de facto standard in cyber threat intelligence sharing. Organisations large and small, public and private, leverage it to share CTI ranging from IOCs to strategic information.
Steel Wing and TMBC developed and deliver a one day MISP user training, enabling your analysts to kickstart your threat intel storage, correlation and sharing. This allows your organisation to tap into the vast amount of intelligence that’s out there, as well as transforming your standalone incidents into an organisational body of knowledge.
Who should attend?
MISP is in widespread use by CERT, CSIRT and SOC teams. Members of those type of teams should attend this training to learn how to work with MISP. This training is aimed at using the MISP platform. It does not focus on installing and/or administering the platform.
What will you learn?
Participants will learn about:
- MISP’s data model
- Retrieving your information in smart ways
- Sharing your intelligence with other organisations
- How to properly create rich events, that can be used to:
- Feed your SIEM/IDS/IPS
- Correlate incidents with historical and ongoing events
- Generate timelines and event graphs for human consumption
- Aggregation for statistical purposes
In short: use cases that are useful on technical, tactical and strategic levels.
Practical
The MISP user training is delivered both as a public training and as an in-company training. The costs are €1100,- ex taxes per participant. This includes course materials and access to the lab environment.
Course materials are in English, the training can be delivered in Dutch or English.
Requirements
Participants should bring a laptop. Ideally, participants have one or more of their organisation’s own incidents to model. If this is not possible, examples are provided by us.
Let’s do it!
Do you need more information or do you want to plan a training? Get in touch!