Malware Information Sharing Project
Format
This is an in-person walkthrough. Ask questions freely, and learn about malware and indicators of compromise.
Materials
- None.
Introduction
Malware attacks happen frequently. Where do we go to find out what attacks are happening when the news is too slow?
MISP is an open source project. It's a server, it's a community, it's crowdsourcing anti-virus signatures.
Steps to Complete
- Check out the open source development
A platform for sharing, storing and correlating Indicators of Compromise of targeted attacks. Discover how MISP is used today in multiple organisations, not only to store, share and collaborate on malware, but also to use the IoCs to detect and prevent attacks. Find out more here.
- Ask questions during the demo
I'll demo the system I have access to. I'd ask you to keep some of the information you see off the record. However, I do encourage you to ask questions about malware analysis and how MISP is used.
- Do you use GPG?
Ask for an account: give me an email address to use with a MISP account.
Glossary
GPG
GNU Privacy Guard (email encryption).
IoCs
Indicators of Compromise
Follow-up Resources & Materials
Greetz & shout outs
CIRCL.LU, Alexandre Dulaunoy, Raphael Vinot, Marion Marschalek