10-23, 14:00–16:00 (Europe/Luxembourg), Schengen 1 & 2
MISP Kickstart provides a comprehensive introduction to the popular Open Source Threat Intelligence and Sharing Platform, "MISP."
The course will establish a foundational understanding of the practical applications of MISP in cyber threat intelligence.
This course follows a real-world scenario where participants will set up a local MISP instance, configure an organisation and users, and create events and information based on the threat profile of an organisation and its industry vertical. Participants will develop an understanding of the common use cases for MISP, learn how to set up and manage sharing communities, select relevant threat feeds (and also not what to turn on) and see how MISP automation workflows can be utilised.
In this training session we'll cover setting up your own test or development instance of MISP, working through configuration, understanding the security and diagnostics. After that we'll cover everything you'll need to know about events, communities, and feeds. We'll also look at some practical use cases for MISP, whether you're a SOC analyst, intel analyst, or IR consultant.
Shanna Daly has over 20 years experience across the information security industry. Shanna’s expertise has been called upon during countless data breach investigations, giving her an in-depth understanding of the security implementations that work, and the ones that don’t. Shanna continues to share her knowledge with the industry and has built and managed consulting teams of industry experts responding to all types of intrusions and breaches.
James Garratt is a Senior Security Consultant at Cosive, with over 20 years of experience spanning IT operations, software engineering, and security. Based in Melbourne, Australia, he specializes in cloud engineering and security, providing expert consulting to enhance organizations' infrastructure. Prior to joining Cosive, James held technical leadership roles at Connexity, Inc. and Experian, where he led engineering teams in deploying scalable, cloud-native solutions. His broad expertise across IT operations, systems administration, software development, and security makes him a versatile professional in the evolving field of cybersecurity.