Friday, November 12, 2021
Slashing, Sharing and Reaping the Rewards: Securing the world one IOC at a time using Chatbots to search and share Threat Intel
Gathering, analyzing and sharing threat intelligence is still too hard. From private threat intel sharing groups to Twitter to industry blogs, IOCs come in thick and fast and, unfortunately, non-standardized. In this workshop we'll show how anyone can build interactive chatbots using Slack, Microsoft Teams and Discord, together with automation platforms, to gather, standardize and enrich threat intel, search for it within their environments and, more importantly, share it, keeping their organizations and the wider information security community safe. We'll show how to simply and easily use the APIs of free online tools and platforms like IOCParser, VirusTotal, APIVoid, GreyNoise and other tools to automate threat intel processes.
ATTENDEES: Please bring a laptop.
This workshop will introduce Jupyter Notebooks through the Google Colab platform and explain why they are a must-use tool for producing dynamic reports and proof-of-concept scripts. We will then walk through how to use Jupyter Notebooks and pandas to parse public security datasets of CVEs from NVD and DNS data from Cisco.
ATTENDEES: Please bring a laptop and have a Google account with access to https://colab.research.google.com/