Free Software developer and Enthusiast, focused on Defensive Security tools, Sebastien lectured in various places, such as Usenix, Hack.lu, CanSecWest, First and others.
Sighting is the art of tracking when we have first/last seen an element and how many of them. They are voluminous, much larger than indicators. It is a key factor in an investigation to understand if something is new, old, common or unique. While trivial, they are hard to scale given to read/write constraints. This talks explains what has been done to power up MISP Sighting in order to be used at scale.