Jupyterthon_Thomas_Roccia_ThreatIntel.pdf

sneakcozywaking 7 views 19 slides Oct 26, 2025

My experience with Jupyter
What is Threat Intelligence?
How Jupyter notebooks can be applied in Threat Intelligence
Practical examples and tips & tricks

Sharing knowledge is not about giving people something. Sharing knowledge occurs when people are genuinely interested in helping others to develop new capacities. It is about creating learning processes.
- Peter Senge -

Started using Jupyter in 2017
Learning machine learning for malware detection and classification
Using notebooks to document my processes and code

What activity are we seeing? - Observable
What weaknesses does this threat exploit? - Exploit Target
What threats should I look for and why? - Indicator
Where has this threat been seen before? - Incident
Who is responsible for this threat? - Threat Actor
What does it do? - Procedure
Why does it do this? - Campaign
What can I do about it? - Course of Action

By exchanging threat intelligence, organizations benefit from the community's collective knowledge, experience, and capabilities to better understand the threats they face.
Threat intelligence sharing is a critical tool for the cybersecurity community.
It takes the knowledge of one organization and spreads it across the entire industry to improve all security practices.

Python, C#, C++ and many more...
Use for data analysis and data science
Efficient for incident response, log analysis, forensics...
Threat intelligence analysis, analysing data leaks
Enriching data, IOCs...
Creating visualizations
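As an added example (not code from the deck or its author), a notebook-style cell that does the IOC enrichment step mentioned above: it refangs a constructed report excerpt, extracts hashes, IPs, URLs and domains, and validates IPv4 octets so a mistyped address does not end up in the indicator set. The sample text and the IOC values in it are constructed for this example.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample (not from the deck): a defanged excerpt like those found in
# threat reports and leak dumps, using documentation-reserved address ranges.
SAMPLE_REPORT = """
C2 observed at hxxp://update-check[.]example[.]net/gate.php and 203[.]0[.]113[.]45.
Dropper sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Loader md5: d41d8cd98f00b204e9800998ecf8427e (also beaconed to 198.51.100.7;
the 999.1.1.1 in the raw dump is a transcription error)
"""

PATTERNS = {
    "url":    re.compile(r"\bhttps?://[^\s\"'<>]+", re.I),
    "sha256": re.compile(r"\b[0-9a-f]{64}\b", re.I),
    "md5":    re.compile(r"\b[0-9a-f]{32}\b", re.I),
    "ipv4":   re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
}

def refang(text: str) -> str:
    """Undo common defanging (hxxp, [.], [:]) so indicators can be matched and enriched."""
    text = re.sub(r"hxxp(s?)://", r"http\1://", text, flags=re.I)
    return text.replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")

def valid_ipv4(addr: str) -> bool:
    return all(0 <= int(octet) <= 255 for octet in addr.split("."))

def extract_iocs(text: str) -> dict:
    """Return {ioc_type: sorted list of unique, refanged indicators}."""
    text = refang(text)
    found = defaultdict(set)
    # URLs first: record them, keep the host as a domain, then blank them out so
    # path components such as gate.php are not mistaken for domains.
    for m in PATTERNS["url"].finditer(text):
        url = m.group(0).rstrip(".,;)")
        found["url"].add(url)
        host = urlparse(url).hostname
        if host:
            found["domain"].add(host.lower())
    rest = PATTERNS["url"].sub(" ", text)
    for kind in ("sha256", "md5", "ipv4", "domain"):
        for m in PATTERNS[kind].finditer(rest):
            value = m.group(0).lower()
            if kind == "ipv4" and not valid_ipv4(value):
                continue  # drop impossible addresses instead of enriching them
            found[kind].add(value)
    return {kind: sorted(vals) for kind, vals in found.items()}
```

Calling `extract_iocs(SAMPLE_REPORT)` in a cell gives a dictionary that can be fed straight into enrichment lookups or a pandas DataFrame for visualization.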

Jupyter allows exchanging knowledge and practical analysis
Share workflows and procedures for analysis
Share practical tools that can be reused
Enhance the capabilities of the team

https://jupyter.securitybreak.io/vt_domain_hunting/VT_Domain_hunting.html

https://jupyter.securitybreak.io/strings_similarity/Strings_Extraction.html

https://jupyter.securitybreak.io/ELK_Threat_Hunting/ELK_Threat_Hunting.html

https://jupyter.securitybreak.io/Conti_Leaks_Analysis/Conti_Leaks_Notebook_TR.html

Add setup instructions
Get to know your data well (structure, file format...)
Have a broader understanding before deep diving
Share your notebook with your team and the community
Document what you are doing and your code
Use visualization
Get feedback and improve your next notebook!

Run a shell command from Jupyter using "!" or a magic command using "%"
Using the "%%writefile" magic saves the contents of that cell to an external file.
"%pycat" does the opposite, and shows the syntax-highlighted contents of an external file.

https://jupyter.securitybreak.io

Sharing data is nice, sharing how to process that data is better!
Jupyter is the perfect companion for workflows and high-value procedures.
Notebooks are repeatable, explainable and most of all shareable.