Threat Intelligence with MISP
by Phil Chapman
In this course, you will learn how to implement open source threat intelligence sharing and analysis using MISP.
What you'll learn
A major part of the threat intelligence cycle is the analysis and distribution of credible information, tactics, techniques and procedures and exploitations. MISP is one of a series of tools which effectively allows for the storing and dissemination of a wide range of cyber threat intelligence types. In this course, you’ll cover how to utilize MISP to detect and protect against indicators of compromise in an enterprise environment as part of the Threat Intelligence Program. First, you’ll get an understanding of what MISP is and how it can enhance your organizational Threat Intelligence Program. Next, you’ll understand how MISP is used throughout the intelligence sharing community and works as a mitigation technique within Mitre. Finally, you will understand how to install and configure MISP and analyze a variety of threat indicators of compromise, anomalies, and events. When you’re finished with this course, you’ll have the skills and knowledge to implement these detection techniques using MISP.
About the author
Phil Chapman is a senior instructor. He is responsible for the delivery of a range of courses including official Microsoft, CompTIA, EC Council and BCS official certifications. He is also
the subject matter expert and project lead for the bespoke Law Enforcement Cyber Security training packages which are delivered to UK Law Enforcement agencies and forces. He holds a variety of IT Technical and Security qualifications across many fields.
Phil spent 23 years in the Royal Air Force as an Intellige... morence Analyst working across the world in support of Signals and Human Intelligence operations. He worked mostly for GCHQ
agencies but also supported UK counter terrorism agencies and security services during his career. He also spent 5 years as a military trainer delivering courses in analysis, security and
intelligence gathering and reporting.
In 2007 Phil left the RAF and began a career as a training consultant, initially within a Microsoft Academy and then as a freelance consultant/trainer working across Europe in
support of multiple companies and organisations. He is now a permanent trainer and continues to deliver and develop training packages in support of the cyber security apprenticeship, law enforcement and commercial courses run in the UK and Europe. He is actively involved the Prepare, Protect and Prevent strategies working alongside UK law
enforcement agencies and advises as an SME to several UK based Cyber Crime Units.