Το MISP ( Malware Information Sharing Platform & Threat Sharing) είναι μια λύση λογισμικού ανοιχτού κώδικα για τη collection, αποθήκευση, διανομή και κοινή χρήση δεικτών και απειλών σχετικά με την ασφάλεια στον διαδίκτυο και την analysis cyber security incidents.
MISP is designed by and for event analysts, security professionals and ICT or reverse engineers to support their day-to-day operations for efficient structured information exchange.
The goal of MISP is to promote the exchange of structured information within the security community. MISP provides functions for the support the exchange of information, but also the consumption of information from the Network intrusion Detection System (NIDS), LIDS but also log analysis tools, SIEMs.
The exchange of information leads to faster detection of targeted attacks and improves the detection ratio while reducing false threats. We also avoid reversing such malware as we know very quickly that other groups or organizations have already analyzed a particular malware.
Specifications
- efficient IOC and indicators
- correlation
- flexible data model
- sharing functionality
- intuitive user-interface
- storing data
- export
- import
- free text import
- Collaborate
- data-sharing
- delegating of sharing
- API
- Adjustable taxonomy
- Intelligence vocabularies
- Expansion modules in Python
- Sighting support
- STIX support
- Integrated encryption and signing of the notifications
Application snapshots
You can download the program from here.
Instructions on installing the program can be found here.
Instructions for using the program can be found here.