We have just released a new feature for MISP that allows users to build full blown events that extend an existing event, giving way to a combined event view that includes a sum total of the event along with all extending events.
A new version of MISP 2.4.89 has been released including a new MISP event graph viewer/editor, many API improvements and critical bug fixes (including security related bug fixes).
A new version of MISP 2.4.88 has been released including fuzzy hashing correlation (ssdeep), STIX 1.1 import functionality, various API improvements and many bug fixes
A new version of MISP 2.4.87 has been released including a massive contribution enabling support for internationalisation and localisation in the MISP UI (a huge thank to Steve Clement of CIRCL for the tedious work), as well as a host of improvements to the UI, feed and APIs, including bug fixes and speed improvements.
A new version of MISP 2.4.86 has been released including improvements to the sharing groups and their respective APIs, granular access control of MISP-modules at an instance-level along with the usual set of bug fixes.
Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process can be tedious as it often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators, editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or CNA (CVE Numbering Authorities).
A new version of MISP 2.4.85 has been released including improvements to the feed ingestion performance, warning-list handling and many bug fixes.
A new version of MISP 2.4.83 has been released including attribute level tag filtering on synchronisation, full audit logging via ZMQ or Syslog, user email domain restriction at the org level, many more improvements and bug fixes.
A new version of MISP 2.4.82 has been released including an improved publish-subscribe ZMQ format, improvements in the feeds system, sightings are now ingested and synchronised among MISP instances, many bug fixes and export improvements.
A new version of MISP 2.4.80 has been released including the most awaited MISP objects feature along with other new features, security fix CVE-2017-14337 and improvements.
A new version of MISP 2.4.81 has been released including a significant rework of the graphical visualisation, support for STIX 2.0 export, multiple bug-fixes and improvements for misp-objects.
A new version of MISP 2.4.79 has been released including an important security fix (persistent XSS on comment field), multiple bug fixes and new functionalities.
A new version of MISP 2.4.78 has been released including an important security fix (if you use sharing groups), multiple bug fixes and some new functionalities.
A new version of MISP 2.4.77 has been released including security fixes, bug fixes and various improvements.
This version includes multiple security fixes reported by cert.govt.nz including:
A new version of MISP 2.4.76 has been released including bug fixes and a set of performance improvements at the ingestion level.
A new version of MISP 2.4.75 has been released including bug fixes and a set of performance improvements.
In this release the most important improvement is performance tuning to improve the day-to-day life of the users. The performance improvements are most explicitly on:
A new version of MISP 2.4.74 has been released including new features, improvements and bug fixes.
The ZeroMQ pub-sub feature has been significantly improved in MISP to allow for a complete flexible notification scheme for a host of actions which take place within a MISP instance, such as:
A new version of MISP 2.4.73 has been released including new features, improvements and bug fixes.
A new module type Cortex has been introduced allowing for easy integration of MISP and Cortex. Cortex is the analysis engine part of the TheHive Project which supports expansion services from Cortex within MISP. A new setting has been added to support Cortex similarly to MISP expansion modules where you set the remote Cortex instance. MISP includes a new Cortex attribute type to allow for the raw analysis to be stored along with the event for subsequent analysis.
A new version of MISP 2.4.72 has been released including improvements and important bug fixes.
Improvements have been introduced to better support large MISP instances:
A new version of MISP 2.4.71 has been released including new features, improvements and important bug fixes.
Various bugs fixed in the sharing group synchronisation and delegation. Improvements to the UI popups when using low-resolution (aka potato displays).
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.
Template by Bootstrapious. Ported to Hugo by DevCows.
