MISPbot
What is MISPbot?
The MISPbot is a simple tool to allow users to interact with MISP via Mastodon or Twitter.
In an era where cybersecurity threats are ever-evolving, the need for robust and secure information sharing platforms is paramount. Enter MISP (Threat Intelligence Sharing Platform), a renowned tool in the cybersecurity arsenal. But how do you deploy such a critical tool in the most secure environments, those that are air-gapped from the outside world? This is where the MISP airgap project comes into play.
MISP 2.4.183 released with a new ECS log feature, improvements and bugs fixed.
Security.ecs_log to enable this new functionality. A new Security.alert_on_suspicious_logins to security audit has been added.
Many bugs fixed and minor improvements. Feel free to read the detailed changelog.
With Zeek 6.0, experimental JavaScript support was added to Zeek, making Node.js and its vast ecosystem available to Zeek script developers to more easily integrate with external systems.
MISP 2.4.182 released with new features, improvements, bugs fixed and an important security fix.
show_server_correlations_for_all_users allowing non-privileged users to view server correlations. [Sami Mokaddem]
[Version] bump. [iglocska]
MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements.
Merge remote-tracking branch ‘origin/develop’ into 2.4. [Christophe Vandeplas]
The MISP playbooks at https://github.com/MISP/misp-playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse intelligence received by MISP. The project started early 2023 and as we’re now ending the year it’s time to look back at its current state and get an early glimpse of the future features.
MISP 2.4.179 released with a host of improvements, a security fix and some new tooling.
We currently included our first attempt at an LLM integration for report summarisation and extraction. The development is an outcome of our work with @aaronkaplan during hack.lu 2024 and relies on stochasticCTIExtractor for the extraction and interfacing with LLMs.
MISP 2.4.178 released with many workflow improvements, enhancements and bugs fixed.
totp_delete added in query builder and API documentation.
orgc_id as valid filter.
includeGranularCorrelations is now exposed in the event RestSearch.
cryptocurrency-transaction and many updates to other objects. For detailed changes, MISP objects changelog.
ammunition, firearms and many updates in threat actor, Sigma and many others. For detailed changes, MISP galaxy changelog.
The MISP project has its own Mastodon server misp-community.org - don’t forget to follow @misp@misp-community.org on the fediverse. Core contributors of MISP can sign up if they wish to have an account.
MISP 2.4.177 released with various bugs fixed and improvements.
[tests] testing disabling the timestamp greater as old timestamp for password changes.
MISP 2.4.176 released with various improvements and bugs fixed. This version also includes major improvements in the misp-stix library, especially in storing relationships and describing relationships in the MISP standard format.
The MISP to Microsoft Sentinel integration allows you to upload indicators from MISP to Microsoft Sentinel. It relies on PyMISP to get indicators from MISP and an Azure App to connect to Sentinel.
MISP 2.4.175 released with various bugs fixed, improvements and security fixes.
start_date and end_date options in the MISP dashboard widgets.
first_half_year and second_half_year timeframe.
push_rules from being required in API requests to the /server/edit endpoint.
Event key.
Thanks to BeDisruptive OSS Team and Centre for Cyber Security Belgium (CCB) for the reporting.
As one of the outcomes of GeekWeek8, MISP now supports a new set of features useful for handling radio frequency information in the Signal Metadata Format Specification (SigMF), commonly used in Software Defined Radio (SDR), digital signal processing and data analysis applications.
We are thrilled to announce the immediate availability of MISP v2.4.174 with significant workflow improvements, accompanied by a host of quality-of-life enhancements and bug fixes.
We are pleased to announce the immediate availability of MISP v2.4.173 with a new password reset feature, along with a host of quality of life improvements and fixes.
We are pleased to announce the immediate availability of MISP v2.4.172 with new TOTP/HOTP authentication, many improvements and bugs fixed.
New TOTP support is now included in MISP. This functionality works in two modes:
We are pleased to announce the immediate availability of MISP v2.4.171 with a long list of fixes, major STIX 2 improvements and an overhaul of the dashboard widget toolkit.
If you want to push data from your MISP instance to a TAXII server, there are a few steps you need to follow. First, ensure that your MISP instance is configured to export data in a format that the TAXII server can accept. This typically involves converting the data to STIX 2.x format using the built-in misp-stix converter. Next, establish a connection between your MISP instance and the TAXII server by configuring the appropriate API and collection endpoints in the MISP sync action. Once this is done, you can initiate the data transfer from your MISP instance to the TAXII server by pushing the searched data to the designated API and collection.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.