<
Add to my Schedule Bohemia Ballroom
07 Dec 2017 11:00 AM - 11:45 AM (UTC)
20171207T1100 20171207T1145 UTC Fail frequently to avoid disaster, or how to organically build a threat intel sharing standard Designing a successful standard for threat intel sharing is a daunting task, with a host of possible pitfalls. This talk aims to describe the journey, challenges and mistakes the MISP Project made whi... Bohemia Ballroom Borderless Cyber Conference and Technical Symposium / 6-8 Dec 2017 / Prague events@oasis-open.org

Designing a successful standard for threat intel sharing is a daunting task, with a host of possible pitfalls. This talk aims to describe the journey, challenges and mistakes the MISP Project made while designing the MISP standard as we know it today. There are several paths that can lead to a well defined standard: early and prolonged requirement gathering versus starting small with rapid iterations, democratic and centralised driving forces, inclusive and exclusive ideologies. Our weapon of choice was an implementation driven, rapid iterative and real-world usage centric approach using the PMF methodology, which allowed us to experiment and fail often but also be aware of our failures before they became unrevokable disasters.

The speaker will attempt to compare and contrast the various methodologies and what lessons we've learned.

Mr. Alexandre Dulaunoy
CIRCL (Computer Incident Response Center Luxembourg)
Security Researcher
Mr. Andras Iklody
CIRCL
Core Team Member, MISP Project
No slides to display.