Koen Van Impe

MISP to Azure Sentinel integration

MISP to Azure Sentinel integration Introduction The MISP to Azure / Sentinel integration allows you to upload indicators from MISP to Microsoft Sentinel.

Continue reading

MISP web scraper

MISP web scraper There are a lot of websites that regularly publish reports on new threats, campaigns or actors with useful indicators, references and context information.

Continue reading

Creating a MISP Object, 101

MISP Objects MISP objects are containers around contextually linked attributes. They support analysts in grouping related attributes and describing the relations that exist between the data points in a threat event.

Continue reading

MISP service monitoring with Cacti

MISP service monitoring with Cacti Introduction A previous post covered how to do MISP service monitoring with OpenNSM. Because having different options is good, this post covers how to achieve similar results with Cacti.

Continue reading

Creating a MISP Galaxy, 101

MISP Galaxies MISP Galaxies and Clusters are an easy way to add context to data. Compared to the relatively simple concept of tags and taxonomies, they allow you to add more complex data structures.

Continue reading