MISP (Malware Information Sharing Platform)
Definition
An open-source threat intelligence platform that enables structured sharing of IOCs and threat intelligence using STIX and other formats. Widely deployed by national CERTs, sectoral ISACs, and large enterprises.
Related terms
- Domain generation algorithm (DGA)
  - Code embedded in malware that produces a large set of pseudo-random domain names on a scheduled basis. The malware tries each until...
- Indicator of Compromise (IoC)
  - An observable artefact that suggests a system has been involved in a malicious event. Static analysis produces file-based IoCs: cryptographic hashes, embedded...
- Pyramid of Pain
  - A model proposed by David Bianco that ranks IOC types by the cost to an attacker of changing them when defenders start...
- STIX (Structured Threat Information eXpression)
  - An OASIS open standard that defines a JSON-based language for describing cyber threat intelligence. STIX 2.1 defines objects for indicators, threat actors,...
- TAXII (Trusted Automated eXchange of Intelligence Information)
  - The transport protocol companion to STIX. TAXII defines how STIX data is exchanged between servers and clients over HTTPS, enabling automated ingestion...
Explained in
- Indicators of Compromise: Identification and Use