Blogs

MISP 2.4.138 released (Many improvements including CISA.gov AIS dynamic marking functionality, RSIT galaxy added)

February 10, 2021

MISP 2.4.138 released

We have released 2.4.138, the latest release for MISP along with an update of the JSON libraries.

Continue reading

MISP 2.4.137 released (New exclusion module for the correlation engine, many improvements and security vulnerabilities resolved)

January 20, 2021

MISP 2.4.137 released

We have released 2.4.137, a security and bug fix release including a collection of fixes and improvements collected over the past month.

Continue reading

MISP 2.4.136 released (Cerebrate project integration)

January 18, 2021

MISP 2.4.136 released

Though we’re rather late with the release notes, we did have some goodies to share for the winter festivities, bundled neatly into the 2.4.136 release.

Continue reading

MISP 2.4.135 released (galaxy 2.0)

December 16, 2020

MISP 2.4.135 released

Don’t let the minor version number change fool you, this release is a game changer for MISP and information sharing in general. Galaxy 2.0 brings about the ability to customise Galaxy clusters (threat-actors, @MITREattack or any knowledge base element) as well as to extend and share it within your community. This release also includes many new improvements such as a new authkey system to better handle your API keys in MISP.

Continue reading

MISP 2.4.134 released (new import extractor for the event report, various improvements and fixes)

November 10, 2020

MISP 2.4.134 released

In the previous version of MISP, the new Event Report functionality has been introduced to edit, visualise and share reports in Markdown format, which includes the ability to reference elements from within a MISP event.

Continue reading

MISP 2.4.133 released (major improvements such as the markdown report feature and many UI improvements)

October 16, 2020

MISP 2.4.133 released with major improvements such as the markdown report feature and many UI improvements.

Unstructured/semi-structured report feature

MISP is widely known as a powerful tool to gather, correlate and share information. As a response to the growing information-sharing maturity of the community, more features have been introduced over the past few years to meet analyst skills and requirements.

Continue reading

Event Report - A convenient mechanism to edit, visualize and share reports

October 8, 2020

Event Report: A convenient mechanism to edit, visualize and share reports

MISP is widely known as a powerful tool to gather, correlate and share information. As a response to the growing information-sharing maturity of the community, more features have been introduced over the past few years to meet analyst skills and requirements.

Continue reading

Create an import script for MISP , step-by-step tutorial

By Pauline Bourmeau

September 30, 2020

Create an import script for MISP in Python, step-by-step tutorial

Script description

Example add_github_user.py

Here the goal is to push to MISP information gathered on Github. The script add_github_user.py will be used as an example.

Continue reading

MISP 2.4.132 released (security fix CVE-2020-25766 and bugs fixed)

September 21, 2020

MISP 2.4.132 released

A new version of MISP (2.4.132) has been released with several bugs fixed including an important security fix CVE-2020-25766.

Continue reading

MISP 2.4.131 released (improvements, bug fixes and major update to JavaScript dependencies)

September 8, 2020

MISP 2.4.131 released

A new version of MISP (2.4.131) has been released with improvements, bug fixes and a major update to JavaScript libraries.

Continue reading

MISP service monitoring with Cacti

By Koen Van Impe

August 22, 2020

MISP service monitoring with Cacti

Introduction

A previous post covered how to do MISP service monitoring with OpenNSM. Because having different options is good, this post covers how to achieve similar results with Cacti. For those not familiar with Cacti: it is a network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality.

Continue reading

MISP 2.4.130 released (Various fixes, performance improvements and new features)

August 21, 2020

MISP 2.4.130 released

A new version of MISP (2.4.130) has been released with performance improvements, multiple bugs fixed and new features.

Continue reading

MISP service monitoring (and a bit of healing) with OpenNMS

By Sascha Rommelfangen

August 18, 2020

MISP service monitoring (and a bit of healing) with OpenNMS

Introduction:

Many organisations adore how quick and easy MISP can be set up. Once it’s running, people start integrating it into their processes and begin to rely on it, for instance by exporting indicators and using them in security or network focused software. Usually this is the time when MISP becomes a fundamental part in the portfolio of fighting attacks, and the need for reliability grows rapidly.

Continue reading

Creating a MISP Galaxy, 101

By Koen Van Impe

July 31, 2020

MISP Galaxies

MISP Galaxies and Clusters are an easy way to add context to data. Compared to the relatively simple concept of tags and taxonomies, they allow you to add more complex data structures. There is already a large list of galaxies and clusters available as a community effort, and directly accessible within MISP, but it’s always possible these do not fully address your needs.

Continue reading

Publishing open data from MISP

July 30, 2020

Publish data on Open data portals with MISP

The Open data format

Open data defines the idea of making some data freely available for everyone to use with a possibility of redistribution in any form. The open data format provides metadata information describing the datasets along with resources stored within the portal.

Continue reading

MISP 2.4.129 released (merge event improved, event block rule system, security fixes and many bugs fixed)

July 28, 2020

MISP 2.4.129 released

A new version of MISP (2.4.129) has been released with an improved merge functionality, a new event block rule system, many security fixes and bugs fixed.

Continue reading

MISP 2.4.128 released (STIX import/export refactored release edition)

June 24, 2020

MISP 2.4.128 released

A new version of MISP (2.4.128) has been released with a significant refactoring of the STIX import/export along with many improvements and bugs fixed.

Continue reading

MISP 2.4.127 released (decay updates release edition)

June 19, 2020

MISP 2.4.127 released

A new version of MISP (2.4.127) has been released with an improved version of attributes decaying, new set of widgets, many improvements and bugs fixed.

Continue reading

MISP 2.4.126 released (Spring release edition)

June 4, 2020

MISP 2.4.126 released

A new version of MISP (2.4.126) has been released a while ago, though we have forgotten to publish a blog post about it - thanks to @coolacid for the reminder. This version includes a security fix and various quality of life improvements.

Continue reading

MISP 2.4.125 released (aka self-registration feature and feed improvements release)

May 6, 2020

MISP 2.4.125 released

A new version of MISP (2.4.125) has been released. This version includes various improvements including a major refactoring of the feed system, the addition of OTP, a new inbox system to allow for self-registration, sightings in the timeline visualisation and many more improvements.

Continue reading

Search

Tags