Aleksandar Mancic

To be provided later

  • Discover how EclecticIQ Platform and MISP go together
Andrea Garavaglia

Member of LDO-CERT, Incident Handling, Malware analysis
GIAC Certified Forensic Analyst (GCFA)
Open Source minded
Contributor of MISP, cuckoo, The Hive Project, ApiScout

  • ...And performance for All
Borce Stojkovski

Borce Stojkovski is currently a PhD researcher in Cybersecurity at the SnT, University of Luxembourg, focusing on Socio-technical aspects of security and privacy for system protection. More specifically, Borce conducts research on the role of user experience and collaborates with industry partners to design systems that fulfil user expectations in terms of system security and usability. Prior to this, he worked as an independent consultant and was the CEO of Kavensis, a family-run business.

  • A preliminary user experience evaluation of MISP (Work in Progress)
Christophe Vandeplas

tries to have fun in life

  • Visualizing MISP and ATT&CK data in Maltego
David Thejl-Clayton

Incident responder with a large interest in Threat Intelligence, the proper kind with Diamond models and kill chains!
I currently lead a SOC and incident response team covering most of the Danish financial industry....

  • ElastiMISPStash - Threat data enrichment for the masses!
Dennis Rand

Dennis Rand is working at JN Data a financial hosting company in Denmark where he is focusing around the areas Incident response and Threat intelligence.

  • Utilizing MISP into your Incident reponse plan
Jeroen Klaver

Jeroen Klaver (@s3cdude) has nine years of experience in IT security. He began his career in hosting specialized in secure environment, implementing and administrating PCI-DSS approved systems. Later moving towards working at a SOC, working mulitple positions and ending at senior analyst. Now working as security researcher at KPN security. Jeroen holds the OS3 master degree, GIAC Certified Intrusion Analysts and currently working on OSCP certification.

  • Threat Intelligence Contextualized Knowledge base
Jérôme Leonard

Jérôme lives near some of the best vineyards in France if not in the world. He enjoys climbing rocks and walls and watching highly-rated films such as La Classe Américaine over and over again. He also studies the dark arts of shamanism to be able to identify the attacker just by looking at two letters of a domain name. No wonder he is a very sharp security analyst or whatever they call them these days.

  • TheHive 4 and MISP: What's new?
Leandro Velasco

Leandro Velasco (@LeandroNVelasco), has over 5 years of experience in IT security. He began his career as a security specialist managing SIEM systems and endpoint security products. In his current role, as a member of the security research team at KPN Security, he analyses threats and designs detection or mitigation solutions. After graduating from the OS3(SNE) master, he received the GIAC (SANS) GREM certificate and is currently preparing OSCP. Leandro has spoken at DEFCON 26 Blue Team Village and HackTalk 15.

  • Threat Intelligence Contextualized Knowledge base

Nothing important here... Now or before. It is not important what school or schools or maybe certifications I hold. Who employed me or who is my employer now. Whats important for me You will hopefully see on our slides here.

  • Modeling adversary actions and defense with MISP
MISP Project
  • MISP Project future
  • MISP Project - One year of improvements


  • Modeling adversary actions and defense with MISP
Peter Ferguson
  • Discover how EclecticIQ Platform and MISP go together
Quentin JEROME

Being an Incident Response consultant since several years now. I love developing tools to make my job easier and more efficient and I try to Open Source as much as I can.

  • WHIDS integration with MISP
Richard van den Berg

20 years ago Richard switched from breaking networks to breaking security. After 10 years on the offensive side he now helps to prevent security actually breaking on a national scale. Richard is an early MISP user, having been present at all five MISP summits to date.

  • MISP sync process (or How to make MISP sync 500x faster)
Rocco Di Domenico

Rocco Di Domenico, Threat Intelligence Analyst at LDO-CERT. Studied Computer Science at University of L'Aquila, Italy with a thesis on the analysis of pseudo-random strings with a neural network. My challenge is to evaluate and correlate information to be usable in the decision-making process.

  • A Content-Based Recommendation System for Indicators of Compromise Life Cycle
Sami Mokaddem

Work at CIRCL.

  • The new indicator scoring method introduced in MISP 2.4.116
Sebastien Tricaud

Free Software developer and Enthusiast, focused on Defensive Security tools, Sebastien lectured in various places, such as Usenix,, CanSecWest, First and others.

  • Scaling Sighting
Tammo Krueger

My main focus is the application of machine learning and statistics to real-world problems. For details about some of my projects and publications please visit my personal website.

  • DGA-Detect: Using Machine Learning for Collaborative DGA Detection
Tiago Faria

Tiago has been working in information security for 10 years, focusing on enterprise information security programs and network security monitoring. He's also the founder of 3CORESec, a company that specializes in traffic analyses, automation for incident response and security orchestration.

  • Introducing HAMISPA - High Availability MISP in AWS
Trey Darley

Trey Darley is part of the team, where he serves as a CTI Strategist. Trey also serves alongside Richard Struse as co-chair of the OASIS Cyber Threat Intelligence (CTI) Technical Committee responsible for STIX/TAXII. He's been working in infosec for years - certainly long enough to know better!

  • Dr. StrangeSTIX or: How I Learned to Stop Worrying and Love the MISP