In Curation We Trust - Generating Contextual and Actionable Threat Intelligence

Discover how to optimize threat intelligence curation and contextualization in this 42-minute conference talk from BruCON Security Conference. Learn about setting up a MISP ecosystem with automation scripts to overcome the challenges of lacking context and false positives in threat intelligence data. Explore the implementation of multiple MISP instances, ZeroMQ scripts, and extensive tagging features to create a streamlined curation process that saves time and provides actionable intelligence. Gain insights into establishing a full threat intelligence feedback loop between SOC, incident response, and malware analysis teams. Walk away with practical knowledge on replicating NVISO's functional MISP architecture and operational curation process to enhance your organization's threat intelligence workflow.

12-BruCON 0x0E-In Curation We Trust Generating Contextual&Actionable Threat Intelligence-Coene&Nixon