UPDATED - TheHive, MISP & Cortex Integration - Virtual Lab Building Series: Ep11.5

Published: 02 December 2022
on channel: LS111 Cyber Security Education

Welcome to my channel! In Episode 11.5 we briefly recap both episodes 10 and 11 of our cyber security virtual lab building series, where we integrated Cortex and MISP with TheHive bringing our Security Operations Center (SOC). Since those videos were uploaded, there have been a few changes to this lab deployment, and this video serves as an update to bring everyone up to speed before we move on with the series.

To recap, TheHive is a security incident response platform (SIRP), and together with Cortex and MISP we will be able to create cases/alerts, analyze observables and tap into a wealth of cybersecurity information, allowing us to make well-informed decisions and giving us the ability to respond to security incidents as quickly as possible.

In this lab we will revisit our setup defined using docker-compose and make some amendments to these services/containers to allow this integration to happen, following a new, more convenient method by using the improved GUI.

By the end of this lab our SOC will be ready to trigger observables analysis directly from TheHive, as well as allow MISP to feed the latest threat alerts directly to TheHive dashboard and, should we wish, create new indicators of compromise (IOCs) that we can send back to MISP so others have the opportunity to benefit from our discoveries.

If you have been enjoying this series so far, please don't forget to like and subscribe!

Links used in video:
https://github.com/ls111-cybersec/the...


NOTE: I am not sponsored by or affiliated to any of the products or services mentioned in this video, all opinions are my own based on personal experiences.

DISCLAIMER: All information, techniques and tools showcased in these videos are for educational and ethical penetration testing purposes ONLY. NEVER attempt to use this information to gain unauthorized access to systems without the EXPLICIT consent of their owners. This is a punishable offence by law in most countries.

#thehive #cortex #docker #misp #cybersecurity #soc

