Fail frequently to avoid disaster, or how to organically build an open threat intelligence sharing standard to keep the intelligence community free and sane!
Key | Action |
---|---|
K or space | Play / Pause |
M | Mute / Unmute |
C | Select next subtitles |
A | Select next audio track |
V | Show slide in full page or toggle automatic source change |
left arrow | Seek 5s backward |
right arrow | Seek 5s forward |
shift + left arrow or J | Seek 10s backward |
shift + right arrow or L | Seek 10s forward |
control + left arrow | Seek 60s backward |
control + right arrow | Seek 60s forward |
shift + down arrow | Decrease volume |
shift + up arrow | Increase volume |
shift + comma | Decrease playback rate |
shift + dot or shift + semicolon | Increase playback rate |
end | Seek to end |
beginning | Seek to beginning |
Share this media
Download links
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video streamWhen subscribed to notifications, an email will be sent to you for all added annotations.
Your user account has no email address.
Information on this media
Links:
Number of views:
14Creation date:
July 4, 2018Speakers:
Alexandre DulaunoyLicense:
CC BY-SA v4Description
Designing a successful standard for threat intel sharing is a daunting task, with a host of possible pitfalls. This talk aims to describe the journey, challenges and mistakes the MISP Project made while designing the MISP standard as we know it today. There are several paths that can lead to a well-defined standard: early and prolonged requirements gathering versus starting small with rapid iterations, democratic and centralised driving forces, inclusive and exclusive ideologies. Our weapon of choice was an implementation driven, rapid iterative and real-world usage centric approach using the PMF methodology, which allowed us to experiment and fail often but also be aware of our failures before they became irrevocable disasters.
The speakers will attempt to compare and contrast the various methodologies and what lessons we’ve learned.
Alexandre Dulaunoy
Alexandre encountered his first computer in the eighties, and he disassembled it to know how the thing worked. While pursuing his logical path towards information security and free software, he worked as senior security network consultant at different places (e.g. Ubizen, now Cybertrust). He co-founded a startup called Conostix specialized in information security management, and the past 6 years, he was the manager of global information security at SES, a leading international satellite operator. He is now working at the national Luxembourg Computer Security Incident Response Team (CSIRT) in the research and operational fields. He is also lecturer in information security at Paul-Verlaine University in Metz. He is a core team member of the MISP Project and a continuous free software contributor in the security field.
Andras Iklody
Andras is a software developer working for CIRCL and has been the main developer of the Malware Information Sharing Platform since the beginning of 2013. He is a firm believer that there are no problems that cannot be tackled by building the right tool.
Other media in the channel "2018"
- 109 views, 7 this yearGlassfish from (IN)Secure adminJuly 6th, 2018
- 160 views, 3 this yearShadow on the Wall - Risks and Flaws with ShadowsocksJuly 6th, 2018
- 57 views, 4 this yearOpen Hardware for (software) offensive securityJuly 6th, 2018
- 48 views, 4 this yearFreedom Fighting Mode - Open Source Hacking HarnessJuly 6th, 2018
- 76 views, 1 this yearExpl-iot: IoT Security Testing FrameworkJuly 6th, 2018
- 23 viewsIo(M)T Security: A year in reviewJuly 6th, 2018