MISP Model of Governance

MISP Model of Governance

MISP project is a large open source project with the goal to make viable tools and format to improve information sharing at large. In order to achieve our goals, the MISP project gathers feature requests, feedback and bug reports from different sources. As described in the graph below, we have various sources that we use, including MISP user-groups, direct community feedback via GitHub, MISP trainings and the yearly MISP summit.

MISP governance overview

Features and Roadmap

The features in the MISP project are built from practical use-cases in information security, intelligence communities, incident response teams and fraud analysis groups. These groups provide their input via the different methods mentioned above. Some groups are actively taking part in developing the MISP project whilst many others contribute by providing bug reports, feature requests or proposals to enhance the project. As the various communities have common goals, the MISP core team maintains the list of features and prioritises the implementation based on the impact and usefulness in the different groups and communities.

Contributing

If you would like to contribute your feedback or ideas to the MISP project, the most common approach is to open a GitHub issue describing your feature request or feedback. Our model of contribution is open and our code of conduct is available in the MISP core project.

How can you support MISP?

Every contribution is important. We think that supporting the project can be done in various ways including:

  1. Supporting with code to our many repositories and tools through pull-requests or by auditing the software,
  2. Supporting with documentation and the MISP book,
  3. Supporting with the creation or enhancement of existing classifications schemes (misp-galaxy, misp-taxonomies), and formats (misp-objects
  4. Supporting by supporting others
  5. Supporting financially, through MISP Professional Services or by helping us to acquire grants. code contributions (via pull-request), documentation improvements (misp-book), the creation or enhancement of existing classifications schemes (misp-galaxy, misp-taxonomies), formats (misp-objects, misp-rfc), tools (via PyMISP or tools supporting the MISP format) or expansions (misp-modules).

More details on contributing can be found on the contributing page.

Funding

The MISP project is financially and resource supported by CIRCL - Computer Incident Response Center Luxembourg.

A CEF (Connecting Europe Facility) funding under CEF-TC-2016-3 - Cyber Security has been granted from 1st September 2017 until 31th August 2019 as Improving MISP as building blocks for next-generation information sharing.

If you are interested to co-fund projects around MISP, feel free to get in touch with us.