Poppy a new Bloom filter format and open source project
Poppy a new Bloom filter format and open source library Introduction At CIRCL we use regularly bloom filters for some of our use cases especially in digital forensic.
MISP 2.4.187 released with security fixes, new features and bugs fixes.
We are pleased to announce the immediate release of MISP 2.4.187, including security fixes, new features and bugs fixes. New Features CLI Enhancements: Added org list to shell commands.
Introducing Standalone Functionality to MISP Modules - A New Era of Flexibility and Efficiency
Introducing Standalone Functionality to MISP Modules: A New Era of Flexibility and Efficiency In the ever-evolving landscape of information security, the need for adaptable and efficient tools has never been greater.
MISP 2.4.186 released with analyst data feature including analyst notes, opinions and relationships.
We are pleased to announce the immediate release of MISP 2.4.186, which includes two major new feature called “Analyst Data” and “Collections” along with an extension to the MISP standard format.
HarfangLab Use-Case with MISP
EDR Use-Cases with MISP Historically, teams shared indicators of compromise (IOCs) via email in documents that were often difficult to analyze and challenging to automate for processing.
MISP 2.4.185 released with sighting performance improvements, security and bugs fixes
We are happy to announce the immediate availability of MISP 2.4.185. This is mainly a bug fix release resolving several issues as well as tightening the security posture of the org image handling.
MISP 2.4.184 released with performance improvements, security and bugs fixes.
MISP 2.4.184 released with performance improvements, security and bugs fixes. Improvements Speed up improvements in ssdeep correlation and many other parts of MISP.
MISPbot
MISPbot What is MISPbot? The MISPbot is a simple tool to allow users to interact with MISP via Mastodon or Twitter.
Bridging the Gap: Introducing MISP Airgap for Secure Environments
Bridging the Gap: Introducing MISP Airgap for Secure Environments In an era where cybersecurity threats are ever-evolving, the need for robust and secure information sharing platforms is paramount.
MISP 2.4.183 released with new ECS log feature, improvements and bugs fixed
MISP 2.4.183 released with a new ECS log feature, improvements and bugs fixed. MISP now supports Elastic Common Schema (ECS) security logging.
Using Zeek's new JavaScript support for MISP integration
Using Zeek’s new JavaScript support for MISP integration With Zeek 6.0, experimental JavaScript support was added to Zeek, making Node.js and its vast ecosystem available to Zeek script developers to more easily integrate with external systems.
MISP 2.4.182 released with new features, improvements bugs fixed and an important security fix.
MISP 2.4.182 released with new features, improvements bugs fixed and an important security fix. MISP Core New Features [event:view] Added new option show_server_correlations_for_all_users allowing non-privileged users to view server correlations.
MISP 2.4.181 hot fix release to disable by default the alert on suspicious login plus some minor fixes.
MISP 2.4.181 hot fix release to disable by default the alert on suspicious login plus some minor fixes. Changes [tools:misp-delegation] Do not use self-documented expression in f-string anymore.
MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements.
MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements. New [api] added X-MISP-AUTH as an alternative header to Authorization, fixes #9418.
Current state of the MISP playbooks
Current state of the MISP playbooks The MISP playbooks at https://github.com/MISP/misp-playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse intelligence received by MISP.
MISP 2.4.179 released with a host of improvements a security fix and some new tooling.
MISP 2.4.179 released with a host of improvements a security fix and some new tooling. First baby steps taken towards LLM integration We currently included our first attempt at an LLM integration for report summarisation and extraction.
MISP 2.4.178 released with many workflow improvements, enhancement and bugs fixed.
MISP 2.4.178 released with many workflow improvements, enhancement and bugs fixed. Improvements [workflow] Added option to provide a custom JSON in the hashpath picker helper.
MISP 2.4.177 released with various improvements and bugs fixed.
MISP 2.4.177 released with various bugs fixed and improvements. Improvements [dev] added a shell script to generate the restsearch parameters. [CLI] add command to expire active AuthKeys that do not have an IP allowlist set.
MISP 2.4.176 released with various improvements and bugs fixed.
MISP 2.4.176 released with various improvements and bugs fixed. This version also includes major improvements in the misp-stix library especially on the storing relationships and the description of relationships in the MISP standard format.
MISP to Microsoft Sentinel integration with Upload Indicators API
MISP to Microsoft Sentinel integration Introduction The MISP to Microsoft Sentinel integration allows you to upload indicators from MISP to Microsoft Sentinel.