How DomainTools & MISP Enable an Effective Threat Intelligence Program
The Malware Information Sharing Platform, or MISP, is an open-source threat intelligence platform deployed across major organizations to consume, catalog, and share IOCs (indicators of compromise). In this session, we’ll hear from Beth Young, a Network Security Engineer at Jack Henry & Associates, about their MISP deployment and how it fits in their broader security ecosystem. Then, Mark Kendrick, Director of Product Integrations at DomainTools, will demonstrate three custom-built modules for MISP that bring historical Whois data, risk scoring, and threat actor infrastructure mapping to any investigation in MISP. Mark will also show how the unique correlation capabilities in MISP can link otherwise disconnected pieces of intelligence, especially when an analyst discovers connected infrastructure with DomainTools’ APIs.
In this webinar, you will learn
- Strategies Jack Henry uses to protects it’s employees and it’s customers with a custom MISP deployment.
- Tips and techniques for integrating MISP with other security technologies, including a SIEM, an orchestration platform, and web / email filtering tools.
- Capabilities of DomainTools modules for MISP, and how to implement them in your security practice.