Security Monitoring

MISP

The Malware Information Sharing Platform & Threat Sharing (MISP) lab covers the core usage of the MISP system. MISP can be installed on a Linux operating system (Ubuntu preferred), but the installation takes time and requires Linux administration skills. To get started quickly, a free virtual machine version is available from CIRCL (Computer Incident Response Center Luxembourg). In this lab we will work with the CIRCL MISP virtual machine, which comes installed with all the components needed to start using MISP. The following topics will be practiced in the lab session:

  • Overview of MISP Web Interface
  • Events Management
    • How to create a new event
    • How to create a new tag
    • How to create a new template and create an event
    • How to create a new organization
    • Event sharing
  • Feeds Management
  • Search for events
  • Exporting events as IDS rules
  • Testing exported MISP IDS rules in Suricata

  • Mode: Single player
  • Type: CPL
  • Difficulty: Easy
  • Time: 90 minutes
  • Cost: 1000 crystals