Hey all and welcome to my channel! In Episode 11 of our cyber security virtual lab building series, we are going to integrate Cortex and MISP with TheHive, bringing our Security Operations Center (SOC) one step closer to our goal of implementing Security Orchestration, Automation and Response (SOAR) within our SOC.
To recap, TheHive is a security incident response platform (SIRP). Together with Cortex and MISP, it will let us create cases/alerts, analyze observables and tap into a wealth of cybersecurity information, so we can make well-informed decisions and respond to security incidents as quickly as possible.
In this lab we will revisit our setup defined using docker-compose and make some amendments to these services/containers to allow for this integration to happen.
By the end of this lab, our SOC will be ready to trigger observable analysis directly from TheHive and to let MISP feed the latest threat alerts directly to TheHive dashboard. Should we wish, we can also create new indicators of compromise (IOCs) and send them back to MISP so others have the opportunity to benefit from our discoveries.
If you have been enjoying this series so far, please don't forget to like and subscribe!
Links used in video:
https://docs.thehive-project.org/theh...
https://docs.thehive-project.org/theh...
Docker-Compose Configuration Files: https://ls111.me/how-to-integrate-cor...
NOTE: I am not sponsored by or affiliated to any of the products or services mentioned in this video, all opinions are my own based on personal experiences.
DISCLAIMER: All information, techniques and tools showcased in these videos are for educational and ethical penetration testing purposes ONLY. NEVER attempt to use this information to gain unauthorized access to systems without the EXPLICIT consent of their owners. This is a punishable offence by law in most countries.
#thehive #cortex #docker #misp #cybersecurity #soc
Watch the video How to Integrate Cortex & MISP with TheHive in your SOC - Virtual Lab Building Series: Ep11 online. This video was added by the user LS111 Cyber Security Education on 24 June 2022; on our site it has been viewed 18,61 times and liked by 19 people.