BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//hack-lu-2023//speaker//KFACCC
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-hack-lu-2023-99YBB9@pretalx.com
DTSTART;TZID=CET:20231017T173500
DTEND;TZID=CET:20231017T175500
DESCRIPTION:In cybersecurity\, CTI and SOC teams often sit next to each ot
 her. The CTI team accumulates an impressive amount of threat intellig
 ence\, including technical IOCs. On the SOC side\, an even more impre
 ssive amount of data is collected in data lakes\, now even data oce
 ans (logs\, telemetry\, network flow or traffic\, etc.).\nMISP has b
 een available for years as a Threat Intelligence platform and has g
 reatly facilitated sharing across the security community\, mainly b
 etween CTI teams. In particular\, MISP allows an organisation to ha
 ve an IOC data set ready to be used.\nStill\, SOC teams rather ofte
 n struggle to consume those IOCs into their monitoring and detection pl
 atforms\, and even more to feed back into MISP new findings or sigh
 tings from the alerts or retro searches run on the SOC platforms.\nMIS
 P42 is an open-source app developed to help SOC teams using the Spl
 unk platform to make the use of IOCs in MISP an easy workflow that c
 an be automated.
DTSTAMP:20260616T030520Z
LOCATION:Salle Europe
SUMMARY:MISP42: connecting CTI and SOC teams - Remi Seguy
URL:https://pretalx.com/hack-lu-2023/talk/99YBB9/
END:VEVENT
END:VCALENDAR
