Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

DOVINCI - Cyber Threat Intelligence Platform


Published on

GARR Conference 2019 - Politecnico di Torino

Published in: Technology
  • Be the first to comment

  • Be the first to like this

DOVINCI - Cyber Threat Intelligence Platform

  1. 1. Dovinci – Cyber Threat Intelligence Platform Gianni Amato GARR Conference 2019 Politecnico di Torino, 4 giugno 2019
  2. 2. Sorgenti di Informazione OSINT Social Twitter stream Facebook page Blog Website Forum Paste Blacklist CLOSINT Forum Mailing list Servizi Telegram (next step) IRC Email Password Contatti IP addr #Operation DDoS Deface XSS SQLi Hardware Software Campagne malware Phishing Malware 0-day Data Breach Hacktivism
  3. 3. Formati Eterogenei e Processo di Normalizzazione Acquisisce Normalizza Memorizza Rileva Visualizza e Allerta Formati Omogenei Feed RSS Json XML CSV Formati Eterogenei «Testi e Liste non strutturate» (es. le blacklist) Body contains Keyword AND deface OR tangodown OR ………….. OR breach {Kp AND [k1 OR (K2 AND K3) OR Kn]} Rules
  4. 4. Dovinci dashboard
  5. 5. Il Paese che cambia passa da qui. | Gianni Amato