MISP 2.4.189 released with bug fixes, performance improvements and a new blocklist feature.
We are pleased to announce the immediate release of MISP 2.4.189, released with bug fixes, performance improvements and a new blocklist feature.
MISP - Elastic Stack - Docker Lab
MISP - Elastic Stack - Docker This lab explains how to connect MISP to the Elastic Stack in order to leverage IOCs from MISP and trigger alerts based on user defined rules.
Partnership Collaboration between the MISP Project and the Yeti Platform
The MISP Project, renowned for its threat intelligence sharing platform, and Yeti Platform, the Forensics Intelligence platform supporting CTI and DFIR practitioners, are coming together to create a more robust and interconnected open source landscape.
MISP 2.4.188 released major performance improvements and many bugs fixed.
We are pleased to announce the immediate release of MISP 2.4.188, with major performance improvements and many bugs fixed. New Features Datasource Improvements: Updates to some datasources with the ignoreIndexHint parameter (mysqlExtended, mysqlObserverExtended).
Poppy a new Bloom filter format and open source project
Poppy a new Bloom filter format and open source library Introduction At CIRCL we use regularly bloom filters for some of our use cases especially in digital forensic.
MISP 2.4.187 released with security fixes, new features and bugs fixes.
We are pleased to announce the immediate release of MISP 2.4.187, including security fixes, new features and bugs fixes. New Features CLI Enhancements: Added org list to shell commands.
Introducing Standalone Functionality to MISP Modules - A New Era of Flexibility and Efficiency
Introducing Standalone Functionality to MISP Modules: A New Era of Flexibility and Efficiency In the ever-evolving landscape of information security, the need for adaptable and efficient tools has never been greater.
MISP 2.4.186 released with analyst data feature including analyst notes, opinions and relationships.
We are pleased to announce the immediate release of MISP 2.4.186, which includes two major new feature called “Analyst Data” and “Collections” along with an extension to the MISP standard format.
HarfangLab Use-Case with MISP
EDR Use-Cases with MISP Historically, teams shared indicators of compromise (IOCs) via email in documents that were often difficult to analyze and challenging to automate for processing.
MISP 2.4.185 released with sighting performance improvements, security and bugs fixes
We are happy to announce the immediate availability of MISP 2.4.185. This is mainly a bug fix release resolving several issues as well as tightening the security posture of the org image handling.
MISP 2.4.184 released with performance improvements, security and bugs fixes.
MISP 2.4.184 released with performance improvements, security and bugs fixes. Improvements Speed up improvements in ssdeep correlation and many other parts of MISP.
MISPbot
MISPbot What is MISPbot? The MISPbot is a simple tool to allow users to interact with MISP via Mastodon or Twitter.
Bridging the Gap: Introducing MISP Airgap for Secure Environments
Bridging the Gap: Introducing MISP Airgap for Secure Environments In an era where cybersecurity threats are ever-evolving, the need for robust and secure information sharing platforms is paramount.
MISP 2.4.183 released with new ECS log feature, improvements and bugs fixed
MISP 2.4.183 released with a new ECS log feature, improvements and bugs fixed. MISP now supports Elastic Common Schema (ECS) security logging.
Using Zeek's new JavaScript support for MISP integration
Using Zeek’s new JavaScript support for MISP integration With Zeek 6.0, experimental JavaScript support was added to Zeek, making Node.js and its vast ecosystem available to Zeek script developers to more easily integrate with external systems.
MISP 2.4.182 released with new features, improvements bugs fixed and an important security fix.
MISP 2.4.182 released with new features, improvements bugs fixed and an important security fix. MISP Core New Features [event:view] Added new option show_server_correlations_for_all_users allowing non-privileged users to view server correlations.
MISP 2.4.181 hot fix release to disable by default the alert on suspicious login plus some minor fixes.
MISP 2.4.181 hot fix release to disable by default the alert on suspicious login plus some minor fixes. Changes [tools:misp-delegation] Do not use self-documented expression in f-string anymore.
MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements.
MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements. New [api] added X-MISP-AUTH as an alternative header to Authorization, fixes #9418.
Current state of the MISP playbooks
Current state of the MISP playbooks The MISP playbooks at https://github.com/MISP/misp-playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse intelligence received by MISP.
MISP 2.4.179 released with a host of improvements a security fix and some new tooling.
MISP 2.4.179 released with a host of improvements a security fix and some new tooling. First baby steps taken towards LLM integration We currently included our first attempt at an LLM integration for report summarisation and extraction.