Release date: 2025-08-20
MISP 2.5.19 brings important fixes, improvements to the on-demand correlation engine, refinements in the task scheduler, and better error handling.
We are pleased to announce the release of MISP v2.5.18, featuring a brand-new on-demand correlation engine, new improved task scheduling, Forgejo CI integration, and a wide range of fixes and refinements.
We are thrilled to announce two new releases for the MISP project: a significant feature and performance release, v2.5.16, and a stable maintenance release, v2.4.214.
We are thrilled to announce a dual release of MISP, bringing significant enhancements to both our stable and development branches with versions 2.4.213 and 2.5.15.
We are excited to announce the parallel release of two new MISP versions: 2.5.13 for our latest branch and 2.4.211 for the 2.4 branch. These releases are packed with critical security patches, a major overhaul of the search functionality, and a host of improvements and bug fixes to enhance your threat intelligence experience.
This release provides a critical round of security fixes, significant improvements to attribute validation, and UI enhancements for event views and analyst workflows. Multiple components including Galaxy, STIX, and warning lists were also updated. Special attention has been given to improving compatibility, performance, and documentation.
This release introduces several new features, important security fixes, and major improvements to the workflow engine, sharing group logic, and plugin handling. It also includes enhancements developed during hackathon.lu 2025.
MISP already offers several ways to examine what is happening on your instance:
.json to the URL to retrieve the raw data.)These tools are invaluable for quick checks, yet they stop short of answering a few questions:
This release introduces important security fixes, enhancements in authentication plugin handling, and better cache management in the workflow editor. It also updates various MISP components and improves remote sync behavior.
This dual release of MISP (versions 2.4.207 and 2.5.9) brings significant stability improvements, better performance, and architectural refinements, particularly around background job handling, workflow modules, and Galaxy cluster operations.
MISP v2.4.206 and v2.5.8 introduces new workflow modules, enhanced object relationship management and significant improvements to the event synchronisation mechanism. Key highlights include improved a reworked attribute search functionality, better handling of event reports, and various security fixes. Additionally, numerous optimizations and bug fixes enhance stability and performance.
The MISP Project is pleased to announce the release of MISP v2.5.7 and v2.4.205, bringing several new features, important fixes, and enhancements to improve the overall user experience and platform functionality. This release addresses critical improvements in synchronization filtering, correlation management, and UI enhancements, ensuring a more stable and efficient MISP environment.
The MISP Analyst Data format, part of the broader MISP-standard.org ecosystem, represents a significant step forward in structuring and exchanging cyber threat intelligence. Developed in collaboration with industry partners, this format builds upon the lessons learned from OASIS STIX, addressing its practical shortcomings while ensuring greater efficiency, flexibility, and usability for analysts.
The MISP team is excited to announce the release of MISP v2.5.6 and MISP v2.4.204. These updates bring several new features, fixes, and performance improvements to enhance the platform’s usability and efficiency. Here’s a summary of the key changes:
We are thrilled to announce the release of MISP v2.4.203 and MISP v2.5.5, bringing a range of new features, improvements, and fixes to enhance the platform’s performance, usability, and security. These updates reflect our ongoing commitment to providing a robust and reliable open-source threat intelligence platform for the community.
rest_client_baseurl is now CLI-only.rest_client_enable_arbitrary_urls description for clarity.Security.disable_form_security, a legacy setting for testing purposes, has been removed.JsonTool::encode() used in JavaScript.upload_file view element.2.4-develop.This release includes several critical security fixes, updates, and enhancements, improving the overall functionality and stability of MISP. Users are encouraged to update promptly to benefit from the latest improvements and security measures.
We are excited to announce the latest updates to MISP with versions v2.5.3 and v2.4.201, which bring numerous enhancements, bug fixes, and security improvements to strengthen threat information sharing capabilities. As with any security release, we highly recommend that you update ASAP and inform your partners to do the same.
FlowIntel is a lightweight and flexible platform built to help teams manage their tasks and cases efficiently. It offers a range of features, from detailed documentation tools to integration with external platforms, ensuring that workflows remain seamless and adaptable to various needs.
The Hack.lu/CTI-Summit once again allowed us to get in touch with the community and sit down to talk about new features and issues to be implemented. As usual, it was a real pleasure to get that much concentrated feedback. In this release, we put a lot of effort trying to fix and create new content as much as possible based on the collected needs of the community.
Hi, in this blog post I am going to share how I have built a framework on Splunk to retrosearch on MISP indicators of compromise.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.
Template by Bootstrapious. Ported to Hugo by DevCows.