Designing a successful standard for threat intel sharing is a daunting task, with a host of possible pitfalls. This talk aims to describe the journey, challenges and mistakes the MISP Project made while designing the MISP standard as we know it today. There are several paths that can lead to a well defined standard: early and prolonged requirement gathering versus starting small with rapid iterations, democratic and centralised driving forces, inclusive and exclusive ideologies. Our weapon of choice was an implementation driven, rapid iterative and real-world usage centric approach using the PMF methodology, which allowed us to experiment and fail often but also be aware of our failures before they became unrevokable disasters. The speaker will attempt to compare and contrast the various methodologies and what lessons we've learned.
Bohemia Ballroom Borderless Cyber Conference and Technical Symposium / 6-8 Dec 2017 / Prague events@oasis-open.orgDesigning a successful standard for threat intel sharing is a daunting task, with a host of possible pitfalls. This talk aims to describe the journey, challenges and mistakes the MISP Project made while designing the MISP standard as we know it today. There are several paths that can lead to a well defined standard: early and prolonged requirement gathering versus starting small with rapid iterations, democratic and centralised driving forces, inclusive and exclusive ideologies. Our weapon of choice was an implementation driven, rapid iterative and real-world usage centric approach using the PMF methodology, which allowed us to experiment and fail often but also be aware of our failures before they became unrevokable disasters.
The speaker will attempt to compare and contrast the various methodologies and what lessons we've learned.
