2025-10-22 –, Europe
A technical talk about a toolset that can be used to track and document threat actors in MISP
This technical talk is about a development project involving a toolset that enhances MISP's ability to store and update Threat Actor profiles. The presenter will introduce the initial problem and describe the concept of the solution and the details of the implementation. Besides this the audience will see the toolset in action while the presenter goes through the lifecycle of a threat actor profile (e.g. initial creation, updates)
Agenda
- Initial problem statement
- Concept and technical details
- Demo with TA profile lifecycle (showing the toolset in action using an imaginary Threat Actor Profile)
Csaba is an IT security practitioner with experience in penetration testing, malware analysis, computer forensics and incident response as well as CTI.
Csaba currently works at an international electronic entertainment provider as staff CTI analyst tracking threat actors. Previously worked in the automobile manufacturing industry in multiple roles (e.g.: SOC technical lead, IR, detection engineering and CTI) for multiple years and as IT security consultant before that.