2025-10-23 –, Europe
Cyber threat information sharing continues to be important. The tools we use for this should be regularly scrutinized to ensure their security. The most common way of testing seems to be pentesting using automated tools. In this research I decided to use a different approach, focusing on manual code reviews and exploratory testing of MISP and associated tools, with help from LLM in some cases. This research led to a significant list of vulnerability findings.
In this talk, I go over my approach to code review, and some of the security findings in MISP and associated tools.
