Great session, however, I've success to deploy MISP made it up and running, then integrtae the HTTPS with our custom cert. I cannot find a cookbook to integrate MISP with the LDAP/AD at all, tried with multiple ways based on information I found in Github and number of forums, no luck. Please advice. Thank you.
It's a nice video. I have a question. why would one want to use so many organizations? normally users work in one organization. are you explaining this from a services perspective where you are managing multiple organizations?
Dear, could you please help me with the below questions, thank you 1.Once we deploy MISP as a stand-alone, Where to link MISP to monitor alerts? SIEM/SOAR or EDR , LDAP , AWS or any other? (In other words: If I deploy MISP in server, how does it look for threats in our environment, what logs does it to need to check, what should I link MISP to AWS? LDAP? Any other? To check all the machines) 2.Do MISP gather information from various OSINT tools and compare the risk/threat in our environment ?
as of i know MISP works against the information you put in and matches with the feeds it has, the information you get will be other sources such as Zeek, Suricata, Wazuh and many others. maybe there is an automated way which I am not aware of.
Very good overview for admins, thank you for sharing this recording!
Great session, however, I've success to deploy MISP made it up and running, then integrtae the HTTPS with our custom cert.
I cannot find a cookbook to integrate MISP with the LDAP/AD at all, tried with multiple ways based on information I found in Github and number of forums, no luck.
Please advice. Thank you.
It's a nice video. I have a question. why would one want to use so many organizations? normally users work in one organization. are you explaining this from a services perspective where you are managing multiple organizations?
Dear, could you please help me with the below questions, thank you
1.Once we deploy MISP as a stand-alone, Where to link MISP to monitor alerts? SIEM/SOAR or EDR , LDAP , AWS or any other? (In other words: If I deploy MISP in server, how does it look for threats in our environment, what logs does it to need to check, what should I link MISP to AWS? LDAP? Any other? To check all the machines)
2.Do MISP gather information from various OSINT tools and compare the risk/threat in our environment ?
as of i know MISP works against the information you put in and matches with the feeds it has, the information you get will be other sources such as Zeek, Suricata, Wazuh and many others. maybe there is an automated way which I am not aware of.
can you please make a video regarding the integration of MISP with Splunk??
how to update the latest feeds ?