JJ Josing is the Principal Threat Researcher at the Retail & Hospitality ISAC. Over the last 5 years in the retail space he has had a strong focus on automation and tool development with Python and using free and open source software to assist in his research. He likes to design networks, automate the tools and break all the things. Author of PyOTI - the python open threat intelligence library.
Defending against the latest threats requires timely, actionable intelligence. In an active sharing community that has members of varying maturity, resources, and team staffing, you need a way to collect, normalize, enrich, and vet the shared intelligence at scale. Most will have different intelligence requirements, so flexibility is demanded to tailor to the disparate use-cases and existing workflows they may have. This presentation shows how the Retail & Hospitality ISAC leverages MISP as a community instance for their members and incorporates other free and open-source software to address these topics and more!