MISP Training - Threat Intelligence Extension and API hands-on

MISP Training

Sharing is caring

Target audience: Security Software Developers or Opertional Security DevOps
Languages: EN
Duration: 1 day
Level: Good knowledge of information security fundamentals
30 € no-show fee
     (all prices are understood VAT excluded)

In a continuous effort since 2016, CIRCL frequently gives training sessions about MISP (Malware Information Sharing Platform & Threat Sharing). The purpose is to reach out to security analysts using MISP as a threat intelligence platform along with users using it as an information sharing platform. This is an opportunity for the users to meet the developers and exchange about potential improvements or use-cases using MISP as a threat-intelligence platform.

Training info

MISP is an advanced platform for sharing, storing and correlating Indicators of Compromises (IOCs) from attacks and cybersecurity threats. Today, MISP is used in multiple organizations to store, share, collaborate on malware, and also to use the IOCs to detect and prevent attacks. The aim of this trusted platform is to help improving the countermeasures used against targeted attacks and set up preventive actions. MISP becomes a full-feature information and threat sharing platform to support operational and tactical cybersecurity intelligence.

The MISP training will demonstrate how the platform functions; explain how to share, comment and contribute data, and describe the future developments. This part of the training focuses on the extension aspects of MISP including API, ZMQ or even contributing in the core software. The audience intended for this training are the analysts with some software engineering experience who are willing to expand MISP to suit their integration or extension requirements.

There is a no-show fee of 30,- EUR if you register and don’t join us at the training.


  • MISP interfaces and API. How to use and extend MISP to support your information security operational teams using programmatic interfaces.
  • Be part of the MISP future, how to contribute to MISP not only as a developer but as an active contributor (from documentation to taxonomies).


The training will show the platform, its functionalities and demonstrate how to benefit most from sharing, commenting and contributing on it. At the end of the day, every participant will be knowledgeable in information sharing about cybersecurity threats and become a proficient MISP user and threat intel handler.


For detailed information see our online MISP training materials

Request Training