Blogs

Visualising common patterns using MISP and ATT&CK data

Having access to a large amount of threat information through MISP Threat Sharing communities gives you outstanding opportunities to aggregate this information and to take the process of understanding how all this data fits together, telling a broader story, to the next level. We are transforming technical data or indicators of compromise (IOCs) into cyber threat intelligence. This is where the analytical challenge begins.

MISP 2.4.117 released (aka the pre-conference season release)

MISP 2.4.117 released

A new version of MISP (2.4.117) has been released, including major performance improvements in MISP and PyMISP, publish filter emails, throttling of restSearch (very useful when you want to limit some users using the API of your MISP instance) and many more improvements.

Benefits of running your own MISP instance

One topic that regularly pops up during trainings, and among users who are just getting started with MISP in general, is the question of running your own MISP versus using a hosted MISP instance. We have seen a lot of great efforts by ISACs and organisations with national or sectorial responsibilities leading the charge and acting as a central sharing hub for communities.

MISP 2.4.116 released (aka the new decaying feature)

MISP 2.4.116 released

A new version of MISP (2.4.116) has been released, including a long-awaited major new feature that deals with decaying indicators, in addition to a new ATT&CK sightings export and a new sync priority capability.

Decaying of Indicators - MISP improved model to expire indicators based on custom models

An improved and flexible model to expire indicators

This blog post aims to give a thorough introduction to a new functionality added in MISP 2.4.116, allowing users and organisations to easily expire information depending on their personalised objectives and targets.

MISP 2.4.115 released (aka CVE-2019-16202 and sync speed improvement)

MISP 2.4.115 released

A new version of MISP (2.4.115) with a major security fix (CVE-2019-16202) and various small improvements has been released. We strongly recommend all MISP users update to this version.

MISP 2.4.114 released (aka the community care package release)

MISP 2.4.114 released

A new version of MISP (2.4.114) has been released with some new features supporting collaboration and a list of fixes and small improvements. We strongly recommend updating to this version.

MISP 2.4.113 released (aka the bugs fixing marathon)

MISP 2.4.113 released

A new version of MISP (2.4.113) has been released with tons of fixes and small improvements. We strongly recommend updating to this version.

MISP 2.4.112 released (aka summer fixes and improvement)

MISP 2.4.112 released

A new version of MISP (2.4.112) has been released with a host of API fixes, improvements and a security fix.

MISP 2.4.111 released (aka improved proposal sync)

MISP 2.4.111 released

A new version of MISP (2.4.111) has been released with an improved proposal sync, minor improvements and bug fixes.

MISP 2.4.110 released (aka local-tags and new MISP modules supporting MISP standard format)

MISP 2.4.110 released

A new version of MISP (2.4.110) has been released with a host of new features, improvements, many bugs fixed and one security fix. Even under the searing summer sun, the MISP-project team is hard at work, whilst enjoying some cocktails (with or without booze).

MISP 2.4.109 released (aka cool-attributes-to-object)

MISP 2.4.109 released

A new version of MISP (2.4.109) has been released with a host of new features, improvements, bug fixes and a minor security fix. We strongly advise all users to update their MISP installations to this latest version.

MISP 2.4.108 released (aka copy-paste-and-sync feature)

A new version of MISP (2.4.108) has been released with a host of new features, improvements and bugs fixed. We strongly advise all users to update their MISP installations to this latest version.

MISP 2.4.107 released (aka similar objects review, yara native export)

A new version of MISP (2.4.107) has been released with a host of new features, improvements and security fixes. We strongly advise all users to update their MISP installation to this latest version.

MISP 2.4.106 released (aka Too many improvements)

A new version of MISP (2.4.106) has been released with a host of improvements, including new features such as a feed cache search, CLI tools to manage your MISP instance along with improved diagnostics.

MISP 2.4.105 released (aka security fix for CVE-2019-10254)

A new version of MISP (2.4.105) has been released to fix a security vulnerability (CVE-2019-10254) in addition to some minor improvements and a fix for the STIX 1.1 import, enabling the import of files with additional namespaces (such as CISCP).

MISP 2.4.104 released (aka too many new features)

A new version of MISP (2.4.104) has been released with a host of new features such as a new overlap feed comparator, a new graph visualisation of event and attribute distributions, a history/bookmark system for the REST client and many others.

MISP 2.4.103 released (aka UI improvements)

A new version of MISP (2.4.103) has been released with significant UI improvements (including a new flexible attribute filtering tool at the event level), many bug fixes and a fix for a security vulnerability (CVE-2019-9482) which was affecting sighting visibility.

MISP 2.4.102 released (aka bug fixes and FOSDEM release)

A new version of MISP (2.4.102) has been released with several fixes, various UI improvements, new types and praise for the open source community.

MISP 2.4.101 released (aka 3 features for free)

A new version of MISP (2.4.101) has been released with 3 main new features (tag collections, improved tag/galaxy selector and MISP instance caching), along with a host of improvements and bug fixes.
