Andras Iklody
Andras Iklody is a software developer working for CIRCL and has been the main developer of the Malware Information Sharing Platform since the beginning of 2013.

He is a firm believer that there are no problems that cannot be tackled by building the right tool.


Technical Level (3 being the highest score): 2

MISP is a threat intelligence sharing platform, aiming to assist in gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information.

However, MISP is not only a piece of software, but rather a broad project including many additional elements, such as an intelligence and knowledge base of vocabulary libraries (MISP galaxies, taxonomies, ...) as well as its own open standards.

With its ecosystem, MISP aims at providing a standardised way of sharing information and to improve the sharing process, as well as promoting contextualisation (as context is what makes the data shared actionable).

Flexibility is also important in order to avoid restraining users from sharing their data. By making integration with other tools straight forward, this gap is rather easy to overcome.

Those are the key concepts we will try to illustrate among the presentation of the different features MISP has to offer.

Session details:

The presentation will start with a brief introduction of the platform and the ecosystem around it, to then focus on some of the recent new features and how they can support your analysts and tools.

By providing examples and demos, we will also show how you can easily make use of the several automation mechanisms available in MISP in order to turn data into actionable intelligence.

What will attendees learn ?

The main takeaways are the following:

- An introduction to explain (or remind users) what MISP is
- An overview of the changes and new features since our last presentation at AusCERT
- Examples and demos providing hints about how to filter out data to make use of it

Secure your place now!