MISP is a threat intelligence platform for sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. Within a…
[Part 3] Building a Threat Integration and Testing Lab – Splunk Enterprise
As a bake-off for the Threat Lab and Incident Response capabilities, we will also be installing Splunk Enterprise. This will be in the 30-day trial mode, so it…
[Part 2] Building a Threat Integration and Testing Lab – Elastic Cloud Enterprise (On-Premises)
You can potentially use a Cloud-hosted instance of Elastic Cloud Enterprise; however, since I am trying to avoid putting this environment on the Internet, I will be building ECE in…
[Part 1] Building a Threat Integration and Testing Lab
For this article and subsequent articles, I will be talking through the installation, configuration, and integration components in building an integrated threat and incident response lab. The primary purpose of…