MISP and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.
MISP Overview
MISP (Malware Information Sharing Platform) is an open-source threat-sharing platform. Your analysts share, store, and correlate IOCs of targeted attacks, threat intelligence, financial fraud information, vulnerability information, or even counter-terrorism information on this platform.
Data stored in MISP is available to your teammates. It is also available to your detection systems through generated Snort/Suricata/Bro/Zeek IDS rules and STIX, OpenIOC, text, or CSV exports. Data can be imported via free-text import, OpenIOC, batch import, sandbox result import, or the preconfigured or custom templates.
The platform is designed to favor collaborative sharing of analysis and correlation so that, when new data is added, it will show relations with other observables and indicators. This results in a more efficient analysis and allows you to better picture the TTPs, related campaigns, and attribution.
It also provides an extensive database of IOCs and indicators, storing technical and non-technical information about malware samples, incidents, attackers, and intelligence. Stored data is analyzed for automatic correlation, finding relationships between attributes and indicators from malware, attack campaigns, or analysis.
Benefits
Store your IOCs in a structured manner and benefit from correlation and automated exports for IDS or SIEM in STIX or OpenIOC. Synchronize with other MISP instances to leverage the value of your data automatically and without effort.
Share threat intelligence with, and receive it from, trusted partners and trust groups besides your teammates. Sharing also enables collaborative analysis and prevents duplicate work.
MISP provides metadata tagging, feeds, and visualization for further analysis and integrations, thanks to its open protocols and data formats.
Access a large amount of threat information through MISP Threat Sharing communities to aggregate this information and understand the attackers’ point of view.
MISP is free to use. Its data format and API are entirely open standards and rely on an active community and professional services.