One day at the Internet Storm Center — Xavier Mertens

Join us at hack.lu 2025 — Info & Registration

Duration: 30 min

Type: Talk

Speakers: Xavier Mertens

Abstract

Born in 2001, the Internet Storm Center (or ISC) is a volunteer-driven threat-monitoring and early-warning program that evolved out of Incidents.org and the DShield consensus intrusion-log project. Leveraging a distributed network of sensors that now contributes tens of millions of firewall and IDS records each day, the ISC correlates this data to track “storms” of malicious activity, publishes a real-time Infocon threat level, and releases daily “Handler Diary” blog posts and a short Stormcast podcast to brief defenders on the latest vulnerabilities, exploits, and malware campaigns. About 40 volunteer handlers spread across several countries analyze submissions, craft tools, and coordinate community response, making the ISC one of the longest-running open sources of actionable situational awareness for incident responders and network operators worldwide. During this presentation, I’ll show you the data that we collect and make available, mainly through our API. I will also introduce our worldwide honeypot network (and how easily you can join it to share more data).

Description

The idea of this talk is to make people aware of the data we offer and how you can benefit from it in your day-to-day hunting tasks: how the ISC works and what tools we provide. And, if you’re interested, how you can apply to become a Handler! I’ll also demonstrate live (if the Demo God is with me) some cool honeypot features we have.
