MISP IoC retrosearch with misp42 Splunk app.
Introduction
Hi, in this blog post I am going to share how I have built a framework on Splunk to retrosearch on MISP indicators of compromise.
Maltego Integration with MISP
Understanding How Maltego Integrates with MISP Data for Enhanced Cyber Threat Analysis
Many organizations run MISP instances with other cybersecurity tools and OSINT for data-driven investigations. Investigators can integrate both internal and external data to map with MISP data in various ways. This blog details how to look up information directly in the MISP community using MISP Transforms on Maltego Graph, highlighting its seamless integration for efficient and comprehensive investigations.
This lab explains how to connect MISP to the Elastic Stack in order to leverage IOCs from MISP and trigger alerts based on user-defined rules.
The MISP to Microsoft Sentinel integration allows you to upload indicators from MISP to Microsoft Sentinel. It relies on PyMISP to get indicators from MISP and an Azure App to connect to Sentinel.
The MISP to Azure / Sentinel integration allows you to upload indicators from MISP to Microsoft Sentinel. It relies on PyMISP to get indicators from MISP and an Azure App and Threat Intelligence Data Connector in Azure.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.