Displaying 1 to 8 from 8 results

MISP - MISP (core software) - Open Source Threat Intelligence Platform (formely known as Malware Information Sharing Platform)

  •    PHP

MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently. The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System (NIDS), LIDS but also log analysis tools, SIEMs.

misp-book - User guide of MISP

  •    CSS

User guide for MISP (Malware Information Sharing Platform) - An Open Source Threat Intelligence Sharing Platform. This user guide is intended for ICT professionals such as security analysts, security incident handlers, or malware reverse engineers who share threat indicators using MISP or integrate MISP into other security monitoring tools. The user guide includes day-to-day usage of the MISP's graphical user interface along with its automated interfaces (API), in order to integrate MISP within a security environment. and many other contributors especially the ones during the MISP hackathons.

misp-compliance - Legal, procedural and policies document templates for operating MISP and information sharing communities

  •    

Legal, procedural and policies document templates for operating MISP and information sharing communities following existing regulations, laws or policies. This repository is a collaborative effort to improve the state of information sharing and exchange within and outside the MISP Project.

misp-galaxy - Clusters and elements to attach to MISP events or attributes (like threat actors)

  •    Python

MISP galaxy is a simple method to express a large object called cluster that can be attached to MISP events or attributes. A cluster can be composed of one or more elements. Elements are expressed as key-values. There are default vocabularies available in MISP galaxy but those can be overwritten, replaced or updated as you wish. Existing clusters and vocabularies can be used as-is or as a template. MISP distribution can be applied to each cluster to permit a limited or broader distribution scheme.




misp-objects - Definition, description and relationship types of MISP objects

  •    Python

MISP objects used in MISP (starting from 2.4.80) system and can be used by other information sharing tool. MISP objects are in addition to MISP attributes to allow advanced combinations of attributes. The creation of these objects and their associated attributes are based on real cyber security use-cases and existing practices in information sharing. Feel free to propose your own MISP objects to be included in MISP. The system is similar to the misp-taxonomies where anyone can contribute their own objects to be included in MISP without modifying software.

misp-rfc - Specifications used in the MISP project including MISP core format

  •    HTML

This repository is the official source of the specification and formats used in the MISP project. The formats are described to support other implementations which reuse the format and ensuring an interoperability with existing MISP software and other Threat Intelligence Platforms.

MISP-Taxii-Server - An OpenTAXII Configuration for MISP

  •    Python

A set of configuration files to use with EclecticIQ's OpenTAXII implementation, along with a callback for when data is sent to the TAXII Server's inbox. You'll then need to set up your TAXII database. As you're using MISP, you'll likely already have a MySQL environment running.

misp-taxonomies - Taxonomies used in MISP taxonomy system and can be used by other information sharing tool

  •    Python

MISP Taxonomies is a set of common classification libraries to tag, classify and organise information. Taxonomy allows to express the same vocabulary among a distributed set of users and organisations. Taxonomies that can be used in MISP (2.4) and other information sharing tool and expressed in Machine Tags (Triple Tags). A machine tag is composed of a namespace (MUST), a predicate (MUST) and an (OPTIONAL) value. Machine tags are often called triple tag due to their format.