hack.lu 2023

Cratos - Use your bloody indicators
10-17, 09:00–09:25 (Europe/Luxembourg), Salle Europe

MISP is an amazing platform for collecting and maintaining your CTI data and context, but is can also be useful in daily hunting engagements, incident repone cases, standard SecOps and other scenarios; without giving your infrastructure, outsourcing partners access access to context from MISP.


In this talk we will walk through some use cases and releasing and open-source project Cratos an FastAPI application that allows integrating your MISP data into your security infrastructure, minimizing the risk of leaking your contextual data while still automating the tasks, and also allowing to cache data.