Does MISP support ldap authentication or does it rely on other services such as apache? Want to deploy on RHEL9 in production. thanks
@Tim--3573Ай бұрын
Amazing content! Thank you! Would you be able to create a video for using miap github repositories?
@MikeColorblind23692 ай бұрын
Would it be possible to put out a video on how to create dashboards in MISP?
@th3maf2 ай бұрын
Great video with very good use-cases. Please more sessions like these in the future! :)
@mateusz25412 ай бұрын
Thanks for the video. I wonder if there is some video showing how to add or connect two instances of MISP in one organisation ? I also wanted to ask if there is any material about connecting with other organisations. How to proceed this task from A to Z ? I would be gratefull for any tips. Best regards.
@matpanel2 ай бұрын
I don't want to be that guy, but you are making all these great trainings and the audio quality is not that good and it is a bummer. There, I said it. Sorry for the criticism.
@CIRCLLuxembourg2 ай бұрын
We even did the recording in a studio with professional microphones. We did some listening and everyone agree that sounds clear. Can you point to a specific time code where you think there is an issue? Thanks a lot.
@Tim--3573Ай бұрын
Hi, the bass is a little too much.
@JossOrtan3 ай бұрын
Informative video on MISP training for threat intelligence! How can MISP help analysts and security professionals stay ahead of emerging threats in a constantly evolving cyber landscape?
@pranavghildiyaal17464 ай бұрын
INSTALLATION IS A HEADACHE
@eliotalderson3865Ай бұрын
ahahahahahaha real
@yousufturkey92738 ай бұрын
It's a nice video. I have a question. why would one want to use so many organizations? normally users work in one organization. are you explaining this from a services perspective where you are managing multiple organizations?
@SomnathDas-uw4bg9 ай бұрын
can you please make a video regarding the integration of MISP with Splunk??
@paramveersingh512210 ай бұрын
1:02:00 onwards is useful -> Tagging for myself
@gv935910 ай бұрын
First time i struggled to understand English of Alex. It sounding like good session but Language is not legible. Make it proper please. 12 minutes into the session and i already lost it.
@Macj70710 ай бұрын
CHEF CRISP WUZ HERE!
@Man-qq4vm Жыл бұрын
Can I say, MISP similar to knowledge base from different source, the company can also create a event to contribute it ?
@threathunter369 Жыл бұрын
This is great, Do more tutorials about AIL Framework for Beginners. Thank You:)
@AmanSingh-ym5eb Жыл бұрын
Not sure if you are monitoring questions, but I had a doubt - If we set up a pull sync on MISP instance B (to pull events from instance A), does A control what events can be pulled from it? I believe one can assign the right distribution (your org only, connected communities etc.) to broadly control what events can be pulled, but we cannot use tags to set the filter rules (i.e. specific tags like tlp:green) on A, like B can on their side? Also, if the distribution is set to 'connected communities' or 'all communities' for all events in A, then basically B can pull all the data from A (if it wants to) in a sync?
@draass227 Жыл бұрын
Great session, however, I've success to deploy MISP made it up and running, then integrtae the HTTPS with our custom cert. I cannot find a cookbook to integrate MISP with the LDAP/AD at all, tried with multiple ways based on information I found in Github and number of forums, no luck. Please advice. Thank you.
@dumisanenkosi3798 Жыл бұрын
I'm also starting to learn about MISP and its capabilities and was looking to use it with Python is there anywhere one can get the Jupyter notebooks?
@alexandredulaunoy10 ай бұрын
Sure, it's at the following location the following location github.com/MISP/misp-training/blob/main/a.7-rest-API/Training%20-%20Using%20the%20API%20in%20MISP.ipynb and github.com/MISP/misp-training/blob/main/a.7-rest-API/query-misp.ipynb
@praveenpatil6687 Жыл бұрын
Dear, could you please help me with the below questions, thank you 1.Once we deploy MISP as a stand-alone, Where to link MISP to monitor alerts? SIEM/SOAR or EDR , LDAP , AWS or any other? (In other words: If I deploy MISP in server, how does it look for threats in our environment, what logs does it to need to check, what should I link MISP to AWS? LDAP? Any other? To check all the machines) 2.Do MISP gather information from various OSINT tools and compare the risk/threat in our environment ?
@yousufturkey92738 ай бұрын
as of i know MISP works against the information you put in and matches with the feeds it has, the information you get will be other sources such as Zeek, Suricata, Wazuh and many others. maybe there is an automated way which I am not aware of.
@barryabrams6071 Жыл бұрын
Has anyone installed MISP Container on Docker using an AWS EC2 Instance loaded with Ubuntu Version 22.04? I have tried this with CoolAcid misp-docker and Harvard-itsecurity/docker-misp. I checked to ensure everything is installed, up, and running but I can't connect to the MISP Login Page with localhost, IP Address, or Port Number. I have noticed MySQL is not up and running. Should I edit this with a new IP or port number? If so, what file should I edit?
@kevinelwell8151 Жыл бұрын
Are the Jupyter notebooks available?
@alexandredulaunoy10 ай бұрын
Yes, at the following location github.com/MISP/misp-training/blob/main/a.7-rest-API/Training%20-%20Using%20the%20API%20in%20MISP.ipynb and github.com/MISP/misp-training/blob/main/a.7-rest-API/query-misp.ipynb
@kylekeefer5293 Жыл бұрын
Thanks for posting this! I'm learning about MISP and this is an invaluable resource
@jondo-vh8tx Жыл бұрын
Thank you very much for a very nice and detailed approach
@DCciber Жыл бұрын
Donde está colgado el doc?
@DCciber Жыл бұрын
Donde está colgado el doc?
@DCciber Жыл бұрын
Donde está colgado el doc?
@PerahYafe Жыл бұрын
ll
@AV-ct8el Жыл бұрын
Hello, Which version of MISP is the presenter using? The version that I'm using for the training (v. 2.4.155) doesn't : 1. have the "Add Object" icon. Instead the icon's tooltip says "Populate using a Template". 2. There's no "workflow:state=draft" " tag 3. The "Add Reference" for the graph, doesn't recognize the "sends" relationship, (it says "custom") when trying to connect "person:Andrew Ryan" with email, and many more...
@GermanFleitas Жыл бұрын
Me sumo al comentario anterior. CIRCL tiene alguna comunidad en español?
@blabber92 Жыл бұрын
Is there any method to install MISP in Kali linux VM?
@ELIF-of7jv Жыл бұрын
Buenas tardes, Cómo nos podemos tener conocimiento de las sesiones en vivo? Parte 2?
@jamacc9910 Жыл бұрын
I attended this training on the day, and I'm now coming back to remind myself how to create object references. Thanks for uploading.
@johnchong9660 Жыл бұрын
how to update the latest feeds ?
@mllenessmarie Жыл бұрын
Very good overview for admins, thank you for sharing this recording! <3
Freetext option is great here. Multiple IoCs added and type detected automatically. Saved the best til last.
@anastasiabozhko48673 жыл бұрын
Hi, everyone! I have a problem: MISP defines all attributes of the event as filename instead domain. That event has a lot of attributes and it will hard to change all of them. Is there any solution? (thank you)
@vikrantvijit14363 жыл бұрын
Thanks for the help.
@encianhoratiu53014 жыл бұрын
For eg if you ingest events from threatingestor feeds and those are read from web / csv, can you choose to ingest one event for each csv row, at the moment It ingests it as a single event. ??? Thanks
@calivent4 жыл бұрын
here is a guide on how to add events kzbin.info/www/bejne/mHvZpIlnjc-Dmpo
@kiranr9384 жыл бұрын
Awesome
@cybersecuritylearning75424 жыл бұрын
why my galaxies are empty? i have the categories and the names, but all the activity in each galaxy is 0
Great introduction video to MISP. Keep up the good work!
@alicedecker28775 жыл бұрын
Unfortunately, in this training is as good as nothing about how a researcher can search and properly use MISP through the UI. All the user manuals and information I could find in web do not refers on how to use MISP for digesting information but only how to feed it. :(
@CIRCLLuxembourg5 жыл бұрын
Thank you very much for your feedback. This video training is just a small part of a complete training set for MISP. All the training materials are included at the following location github.com/MISP/misp-training#materials and especially the aspect of using the API to "digest" information. There is also multiple Jupyter notebook on how to use PyMISP to interact with the API github.com/MISP/PyMISP/blob/master/docs/tutorial/FullOverview.ipynb - We have also a free 2-days MISP training in Luxembourg in September www.misp-project.org/events/#current-misp-trainings
@upadisetty5 жыл бұрын
enabled the feed. but it isn't fetching feeds daily.
@MikelSonia5 жыл бұрын
Very interesting. Thank you for sharing.
@abdulrhmanuthman41416 жыл бұрын
Hi CIRCL Luxembourg, Mr. Alexandre, and Mr. Andras! May I know when you will upload the continuation of this training? Many details were clarified to me because of these 2 sessions and I hope you will share the rest of it. Btw, I am a student and our project is about MISP and Snort. Thank you.
@CIRCLLuxembourg5 жыл бұрын
We don't plan to record additional videos soon but the complete set of the training materials is available at the following location: github.com/MISP/misp-training#materials