MISP is widely known as a powerful tool to gather, correlate and share information. As a response to the growing information-sharing maturity of the community, more features have been introduced over the past few years to meet analyst skills and requirements.
Here the goal is to push to MISP information gathered on Github. The script add_github_user.py will be used as an example.
A new version of MISP (2.4.132) has been released with several bugs fixed including an important security fix CVE-2020-25766.
A new version of MISP (2.4.131) has been released with improvements, bug fixes and a major update to JavaScript libraries.
A previous post covered how to do MISP service monitoring with OpenNSM. Because having different options is good, this post covers how to achieve similar results with Cacti. For those not familiar with Cacti: it is a network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality.
A new version of MISP (2.4.130) has been released with performance improvements, multiple bugs fixed and new features.
Many organisations adore how quick and easy MISP can be set up. Once it’s running, people start integrating it into their processes and begin to rely on it, for instance by exporting indicators and using them in security or network focused software. Usually this is the time when MISP becomes a fundamental part in the portfolio of fighting attacks, and the need for reliability grows rapidly.
MISP Galaxies and Clusters are an easy way to add context to data. Compared to the relatively simple concept of tags and taxonomies, they allow you to add more complex data structures. There is already a large list of galaxies and clusters available as a community effort, and directly accessible within MISP, but it’s always possible these do not fully address your needs.
Open data defines the idea of making some data freely available for everyone to use with a possibility of redistribution in any form. The open data format provides metadata information describing the datasets along with resources stored within the portal.
A new version of MISP (2.4.129) has been released with an improved merge functionality, a new event block rule system, many security fixes and bugs fixed.
A new version of MISP (2.4.128) has been released with a significant refactoring of the STIX import/export along with many improvements and bugs fixed.
A new version of MISP (2.4.127) has been released with an improved version of attributes decaying, new set of widgets, many improvements and bugs fixed.
A new version of MISP (2.4.126) has been released a while ago, though we have forgotten to publish a blog post about it - thanks to @coolacid for the reminder. This version includes a security fix and various quality of life improvements.
A new version of MISP (2.4.125) has been released. This version includes various improvements including a major refactoring of the feed system, the addition of OTP, a new inbox system to allow for self-registration, sightings in the timeline visualisation and many more improvements.
A new version of MISP (2.4.124) has been released. This version includes various improvements including a new multiline widgets in the dashboard, auditing improvements and many bugs fixed.
We’re proud to announce the CogSec Collab MISP Community - the first public MISP sharing group dedicated to misinformation and information campaigns.
A new version of MISP (2.4.123) has been released. This version includes various security related fixed, and a new Dashboard system.
A new version of MISP (2.4.122) has been released. This version includes various fixes, minor new features and improvements.
A new version of MISP (2.4.121) has been released. This version is a security/bug fix release and users are highly encouraged to update as soon as possible. Besides that several issues were resolved and some new functionalities were added.
A new version of MISP (2.4.120) has been released, including an extension to the data-model adding the first_seen and last_seen values at the attribute and object levels. The user-interface has been extended with a timeline view/editor per event, allowing users to see all occurrences of attributes and objects based on time. A new quick object edit tool has been added, enabling users to easily add new attributes to already existing objects. A long list of bugs were fixed and various improvements were made in the existing features.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.
Template by Bootstrapious. Ported to Hugo by DevCows.
