The Malware Information Sharing Platform, or MISP, is an open-source threat intelligence platform deployed across major organizations to consume, catalog, and share IOCs (indicators of compromise). In this session, we'll hear from Beth Young, a Network Security Engineer at a leading financial institution, about their MISP deployment and how it fits in their broader security ecosystem. Then, Mark Kendrick, Director of Product Integrations at DomainTools, will demonstrate three custom-built modules for MISP that bring historical Whois data, risk scoring, and threat actor infrastructure mapping to any investigation in MISP. Mark will also show how the unique correlation capabilities in MISP can link otherwise disconnected pieces of intelligence, especially when an analyst discovers connected infrastructure with DomainTools' APIs.

• Strategies used to protects employees and customers with a custom MISP deployment.
• Tips and techniques for integrating MISP with other security technologies, including a SIEM, an orchestration platform, and web / email filtering tools.
  
• Capabilities of DomainTools modules for MISP, and how to implement them in your security practice.