Overview
MISP is a threat intelligence platform for sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information.
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
With MISP and MITRE ATT&CK Entities and Transforms , investigators query data from a MISP Threat Sharing instance, browse through other MISP events, attributes, objects, tags,and galaxies. It also permits visualization of the full MITRE ATT&CK framework. For ATT&CK visualization no MISP API keys are needed.
Read more here.
ATT&CK - MISP Machines
MISP Event To All
Automatically expands MISP Objects to their attributes
| Information | Value |
|---|---|
| Id | misp.MISPEventToAll |
| Author | Christophe Vandeplas |
To Attributes & Object Attributes
Also automatically expands MISP Objects to their attributes
| Information | Value |
|---|---|
| Id | misp.MISPEventToAttributes |
| Author | Christophe Vandeplas |