DeepSec Video: IntelMQ

René Pfeiffer / February 26, 2016 / Conference, Security

Handling incidents means that you have to handle information quickly. Collecting information, collaborating, and getting the right piece of intel at crucial moments are key. CERTs know this, and this is why there is IntelMQ.

IntelMQ is a solution for collecting and processing security feeds, pastebins, and tweets using a message queue protocol. It’s a community-driven initiative called IHAP (Incident Handling Automation Project), which was conceptually designed by European CERTs during several InfoSec events. Its main goal is to give incident responders an easy way to collect and process threat intelligence, thus improving the incident handling processes of CERTs.

Get your messaging right before you run into a (security) incident.

About René Pfeiffer

System administrator, lecturer, hacker, security consultant, technical writer and DeepSec organisation team member. Has done some particle physics, too. Prefers encrypted messages for the sake of admiring the mathematical algorithms at work.