MISP
MISP
Details
Author |
Nils Kuhnert, CERT-Bund |
Version |
2.1 |
License |
AGPL-V3 |
Website |
|
Requires Registration |
No |
Requires Subscription |
No |
Free Subscription Available |
Yes |
DataType Supported |
domain, ip, url, fqdn, uri_path, user-agent, hash, mail, mail_subject, registry, regexp, other, filename |
Service Homepage |
Description
Query multiple MISP instances for events containing an observable.
Configuration
Name |
Description |
name |
Name of MISP servers |
url |
URL of MISP servers |
key |
API key for each server |
cert_check |
Verify server certificate |
cert_path |
Path to the CA on the system used to check server certificate |
Additional details from the README file:
MISP
MISP A threat intelligence platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information.
The analyzer comes in a single flavour that will return MISP additional information for provided observable.
Requirements
You need a valid MISP API integration to use the analyzer.
Provide your API key as values for the
keyparameter.