Fail frequently to avoid disaster, or how to organically build an open threat intelligence sharing standard to keep the intelligence community free and sane!

Loading Click here to add:
Add to notification list

Designing a successful standard for threat intel sharing is a daunting task, with a host of possible pitfalls. This talk aims to describe the journey, challenges and mistakes the MISP Project made while designing the MISP standard as we know it today. There are several paths that can lead to a well-defined standard: early and prolonged requirements gathering versus starting small with rapid iterations, democratic and centralised driving forces, inclusive and exclusive ideologies. Our weapon of choice was an implementation driven, rapid iterative and real-world usage centric approach using the PMF methodology, which allowed us to experiment and fail often but also be aware of our failures before they became irrevocable disasters.

The speakers will attempt to compare and contrast the various methodologies and what lessons we’ve learned. 

Alexandre Dulaunoy 
Alexandre encountered his first computer in the eighties, and he disassembled it to know how the thing worked. While pursuing his logical path towards information security and free software, he worked as senior security network consultant at different places (e.g. Ubizen, now Cybertrust). He co-founded a startup called Conostix specialized in information security management, and the past 6 years, he was the manager of global information security at SES, a leading international satellite operator. He is now working at the national Luxembourg Computer Security Incident Response Team (CSIRT) in the research and operational fields. He is also lecturer in information security at Paul-Verlaine University in Metz. He is a core team member of the MISP Project and a continuous free software contributor in the security field. 

Andras Iklody 
Andras is a software developer working for CIRCL and has been the main developer of the Malware Information Sharing Platform since the beginning of 2013. He is a firm believer that there are no problems that cannot be tackled by building the right tool.