DeepSec Video: IntelMQ

Handling incidents means that you have to handle information quickly. Collecting information, collaborating, and getting the right piece of intel at crucial moments are key. CERTs know this, and this is why there is IntelMQ.

IntelMQ is a solution for collecting and processing security feeds, pastebins, and tweets using a message queue protocol. It’s a community-driven initiative called IHAP (Incident Handling Automation Project), which was conceptually designed by European CERTs during several InfoSec events. Its main goal is to give incident responders an easy way to collect and process threat intelligence, thus improving the incident handling processes of CERTs.

Get your messaging right before you run into a (security) incident.
