2025-10-23 –, Europe
Born in 2001, the Internet Storm Center (or ISC) is a volunteer-driven threat-monitoring and early-warning program that evolved out of Incidents.org and the DShield consensus intrusion-log project. Leveraging a distributed network of sensors that now contributes tens of millions of firewall and IDS records each day, the ISC correlates this data to track “storms” of malicious activity, publishes a real-time Infocon threat level, and releases daily “Handler Diary” blog posts and a short Stormcast podcast to brief defenders on the latest vulnerabilities, exploits, and malware campaigns. About 40 volunteer handlers spread across several countries analyze submissions, craft tools, and coordinate community response, making the ISC one of the longest-running open sources of actionable situational awareness for incident responders and network operators worldwide. During this presentation, I'll show you the data that we collect and make available to api, mainly through our API. I will also introduce our worldwide honeypot network (and how easily you can join it to share more data).
The idea of this talk is to make people aware of the data we offer and how you can benefit from it in your day to day hunting tasks. How the ISC works, what are the tools we provide. And, if you're interested, how you can apply to become a Handler! I'll also demonstrate live (if Demo God is with me) some cool honeypot features we have.
Xavier Mertens is a freelance security consultant running his own company based in Belgium (Xameco). With 15+ years of experience in information security, Xavier finds “blue team” activities more attractive. Therefore, his day job focuses on protecting his customers' assets by providing services like incident handling, malware analysis, forensic investigations, log management, security visualization, and OSINT). Besides his day job, Xavier is also a Senior Handler at the SANS Internet Storm Center, Certified SANS Instructor (FOR610, FOR710), security blogger and co-organizer of the BruCON security conference.