MISP Workflow
1:33:39
2 жыл бұрын
AIL project workshop (20220308)
2:48:52
SMILE ESA version finale
4:30
5 жыл бұрын
SMILE Meetup Interview Mike Lorang
2:11
misp qrcode module
0:46
5 жыл бұрын
A message to the students
2:37
5 жыл бұрын
MISP Event graph demo
3:04
5 жыл бұрын
hack.lu 2018 thank-you video
1:40
6 жыл бұрын
hack.lu promo video
3:19
6 жыл бұрын
MISP Tutorial - Enablings Feeds
0:34
Пікірлер
@isotonic_uk
@isotonic_uk 13 күн бұрын
Does MISP support ldap authentication or does it rely on other services such as apache? Want to deploy on RHEL9 in production. thanks
@Tim--3573
@Tim--3573 Ай бұрын
Amazing content! Thank you! Would you be able to create a video for using miap github repositories?
@MikeColorblind2369
@MikeColorblind2369 2 ай бұрын
Would it be possible to put out a video on how to create dashboards in MISP?
@th3maf
@th3maf 2 ай бұрын
Great video with very good use-cases. Please more sessions like these in the future! :)
@mateusz2541
@mateusz2541 2 ай бұрын
Thanks for the video. I wonder if there is some video showing how to add or connect two instances of MISP in one organisation ? I also wanted to ask if there is any material about connecting with other organisations. How to proceed this task from A to Z ? I would be gratefull for any tips. Best regards.
@matpanel
@matpanel 2 ай бұрын
I don't want to be that guy, but you are making all these great trainings and the audio quality is not that good and it is a bummer. There, I said it. Sorry for the criticism.
@CIRCLLuxembourg
@CIRCLLuxembourg 2 ай бұрын
We even did the recording in a studio with professional microphones. We did some listening and everyone agree that sounds clear. Can you point to a specific time code where you think there is an issue? Thanks a lot.
@Tim--3573
@Tim--3573 Ай бұрын
Hi, the bass is a little too much.
@JossOrtan
@JossOrtan 3 ай бұрын
Informative video on MISP training for threat intelligence! How can MISP help analysts and security professionals stay ahead of emerging threats in a constantly evolving cyber landscape?
@pranavghildiyaal1746
@pranavghildiyaal1746 4 ай бұрын
INSTALLATION IS A HEADACHE
@eliotalderson3865
@eliotalderson3865 Ай бұрын
ahahahahahaha real
@yousufturkey9273
@yousufturkey9273 8 ай бұрын
It's a nice video. I have a question. why would one want to use so many organizations? normally users work in one organization. are you explaining this from a services perspective where you are managing multiple organizations?
@SomnathDas-uw4bg
@SomnathDas-uw4bg 9 ай бұрын
can you please make a video regarding the integration of MISP with Splunk??
@paramveersingh5122
@paramveersingh5122 10 ай бұрын
1:02:00 onwards is useful -> Tagging for myself
@gv9359
@gv9359 10 ай бұрын
First time i struggled to understand English of Alex. It sounding like good session but Language is not legible. Make it proper please. 12 minutes into the session and i already lost it.
@Macj707
@Macj707 10 ай бұрын
CHEF CRISP WUZ HERE!
@Man-qq4vm
@Man-qq4vm Жыл бұрын
Can I say, MISP similar to knowledge base from different source, the company can also create a event to contribute it ?
@threathunter369
@threathunter369 Жыл бұрын
This is great, Do more tutorials about AIL Framework for Beginners. Thank You:)
@AmanSingh-ym5eb
@AmanSingh-ym5eb Жыл бұрын
Not sure if you are monitoring questions, but I had a doubt - If we set up a pull sync on MISP instance B (to pull events from instance A), does A control what events can be pulled from it? I believe one can assign the right distribution (your org only, connected communities etc.) to broadly control what events can be pulled, but we cannot use tags to set the filter rules (i.e. specific tags like tlp:green) on A, like B can on their side? Also, if the distribution is set to 'connected communities' or 'all communities' for all events in A, then basically B can pull all the data from A (if it wants to) in a sync?
@draass227
@draass227 Жыл бұрын
Great session, however, I've success to deploy MISP made it up and running, then integrtae the HTTPS with our custom cert. I cannot find a cookbook to integrate MISP with the LDAP/AD at all, tried with multiple ways based on information I found in Github and number of forums, no luck. Please advice. Thank you.
@dumisanenkosi3798
@dumisanenkosi3798 Жыл бұрын
I'm also starting to learn about MISP and its capabilities and was looking to use it with Python is there anywhere one can get the Jupyter notebooks?
@alexandredulaunoy
@alexandredulaunoy 10 ай бұрын
Sure, it's at the following location the following location github.com/MISP/misp-training/blob/main/a.7-rest-API/Training%20-%20Using%20the%20API%20in%20MISP.ipynb and github.com/MISP/misp-training/blob/main/a.7-rest-API/query-misp.ipynb
@praveenpatil6687
@praveenpatil6687 Жыл бұрын
Dear, could you please help me with the below questions, thank you 1.Once we deploy MISP as a stand-alone, Where to link MISP to monitor alerts? SIEM/SOAR or EDR , LDAP , AWS or any other? (In other words: If I deploy MISP in server, how does it look for threats in our environment, what logs does it to need to check, what should I link MISP to AWS? LDAP? Any other? To check all the machines) 2.Do MISP gather information from various OSINT tools and compare the risk/threat in our environment ?
@yousufturkey9273
@yousufturkey9273 8 ай бұрын
as of i know MISP works against the information you put in and matches with the feeds it has, the information you get will be other sources such as Zeek, Suricata, Wazuh and many others. maybe there is an automated way which I am not aware of.
@barryabrams6071
@barryabrams6071 Жыл бұрын
Has anyone installed MISP Container on Docker using an AWS EC2 Instance loaded with Ubuntu Version 22.04? I have tried this with CoolAcid misp-docker and Harvard-itsecurity/docker-misp. I checked to ensure everything is installed, up, and running but I can't connect to the MISP Login Page with localhost, IP Address, or Port Number. I have noticed MySQL is not up and running. Should I edit this with a new IP or port number? If so, what file should I edit?
@kevinelwell8151
@kevinelwell8151 Жыл бұрын
Are the Jupyter notebooks available?
@alexandredulaunoy
@alexandredulaunoy 10 ай бұрын
Yes, at the following location github.com/MISP/misp-training/blob/main/a.7-rest-API/Training%20-%20Using%20the%20API%20in%20MISP.ipynb and github.com/MISP/misp-training/blob/main/a.7-rest-API/query-misp.ipynb
@kylekeefer5293
@kylekeefer5293 Жыл бұрын
Thanks for posting this! I'm learning about MISP and this is an invaluable resource
@jondo-vh8tx
@jondo-vh8tx Жыл бұрын
Thank you very much for a very nice and detailed approach
@DCciber
@DCciber Жыл бұрын
Donde está colgado el doc?
@DCciber
@DCciber Жыл бұрын
Donde está colgado el doc?
@DCciber
@DCciber Жыл бұрын
Donde está colgado el doc?
@PerahYafe
@PerahYafe Жыл бұрын
ll
@AV-ct8el
@AV-ct8el Жыл бұрын
Hello, Which version of MISP is the presenter using? The version that I'm using for the training (v. 2.4.155) doesn't : 1. have the "Add Object" icon. Instead the icon's tooltip says "Populate using a Template". 2. There's no "workflow:state=draft" " tag 3. The "Add Reference" for the graph, doesn't recognize the "sends" relationship, (it says "custom") when trying to connect "person:Andrew Ryan" with email, and many more...
@GermanFleitas
@GermanFleitas Жыл бұрын
Me sumo al comentario anterior. CIRCL tiene alguna comunidad en español?
@blabber92
@blabber92 Жыл бұрын
Is there any method to install MISP in Kali linux VM?
@ELIF-of7jv
@ELIF-of7jv Жыл бұрын
Buenas tardes, Cómo nos podemos tener conocimiento de las sesiones en vivo? Parte 2?
@jamacc9910
@jamacc9910 Жыл бұрын
I attended this training on the day, and I'm now coming back to remind myself how to create object references. Thanks for uploading.
@johnchong9660
@johnchong9660 Жыл бұрын
how to update the latest feeds ?
@mllenessmarie
@mllenessmarie Жыл бұрын
Very good overview for admins, thank you for sharing this recording! <3
@marksvalow1834
@marksvalow1834 2 жыл бұрын
i9hdct kzbin.info/aero/PLatBUqXIPJGg77ODNDckYbK6hiRP-ERW8
@Flaviooox
@Flaviooox 2 жыл бұрын
thanks
@andynewton3406
@andynewton3406 3 жыл бұрын
Freetext option is great here. Multiple IoCs added and type detected automatically. Saved the best til last.
@anastasiabozhko4867
@anastasiabozhko4867 3 жыл бұрын
Hi, everyone! I have a problem: MISP defines all attributes of the event as filename instead domain. That event has a lot of attributes and it will hard to change all of them. Is there any solution? (thank you)
@vikrantvijit1436
@vikrantvijit1436 3 жыл бұрын
Thanks for the help.
@encianhoratiu5301
@encianhoratiu5301 4 жыл бұрын
For eg if you ingest events from threatingestor feeds and those are read from web / csv, can you choose to ingest one event for each csv row, at the moment It ingests it as a single event. ??? Thanks
@calivent
@calivent 4 жыл бұрын
here is a guide on how to add events kzbin.info/www/bejne/mHvZpIlnjc-Dmpo
@kiranr938
@kiranr938 4 жыл бұрын
Awesome
@cybersecuritylearning7542
@cybersecuritylearning7542 4 жыл бұрын
why my galaxies are empty? i have the categories and the names, but all the activity in each galaxy is 0
@hasmituchil5214
@hasmituchil5214 4 жыл бұрын
hxxps://www.misp-project[.]org/misp-training/misp-training.pdf
@ace2burn
@ace2burn 5 жыл бұрын
Great introduction video to MISP. Keep up the good work!
@alicedecker2877
@alicedecker2877 5 жыл бұрын
Unfortunately, in this training is as good as nothing about how a researcher can search and properly use MISP through the UI. All the user manuals and information I could find in web do not refers on how to use MISP for digesting information but only how to feed it. :(
@CIRCLLuxembourg
@CIRCLLuxembourg 5 жыл бұрын
Thank you very much for your feedback. This video training is just a small part of a complete training set for MISP. All the training materials are included at the following location github.com/MISP/misp-training#materials and especially the aspect of using the API to "digest" information. There is also multiple Jupyter notebook on how to use PyMISP to interact with the API github.com/MISP/PyMISP/blob/master/docs/tutorial/FullOverview.ipynb - We have also a free 2-days MISP training in Luxembourg in September www.misp-project.org/events/#current-misp-trainings
@upadisetty
@upadisetty 5 жыл бұрын
enabled the feed. but it isn't fetching feeds daily.
@MikelSonia
@MikelSonia 5 жыл бұрын
Very interesting. Thank you for sharing.
@abdulrhmanuthman4141
@abdulrhmanuthman4141 6 жыл бұрын
Hi CIRCL Luxembourg, Mr. Alexandre, and Mr. Andras! May I know when you will upload the continuation of this training? Many details were clarified to me because of these 2 sessions and I hope you will share the rest of it. Btw, I am a student and our project is about MISP and Snort. Thank you.
@CIRCLLuxembourg
@CIRCLLuxembourg 5 жыл бұрын
We don't plan to record additional videos soon but the complete set of the training materials is available at the following location: github.com/MISP/misp-training#materials
@drinkssobe
@drinkssobe 10 жыл бұрын
Nice Boblbee hardshell backpack