Raphaël Vinot
Last known affiliation: CIRCL
Date: 2017-12-05
Cyber Threat Intel & Incident Response with TheHive, Cortex & MISP
Raphaël Vinot 🗣 | Saâd Kadhi 🗣 | Jérôme Leonard 🗣
Abstract
Agenda:
- Cyber Threat Intel & Incident Response in 2017
- MISP, TheHive & Cortex Overview
- Installing & configuring the product stack
… Bringing it all together
- An IR case study
- Dealing with notifications
- How CTI feeds IR
- How IR feeds CTI
- The CTI-IR cycle: case study