Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Intel Sources #1178

Closed
xsallowed opened this issue May 26, 2016 · 5 comments
Closed

Intel Sources #1178

xsallowed opened this issue May 26, 2016 · 5 comments
Labels
automation T: support topic: API WaitingAnswer
Milestone

Comments

@xsallowed
Copy link

xsallowed commented May 26, 2016

Hi
I am trying to integrate criticathreat intel feeds and OTX feeds with MISP. Is there a quick and easy way of achieving the same? Do you have a list of threat intel sources that can be integrated with MISP at the moment?

@eg132
Copy link

eg132 commented May 26, 2016

@xsallowed
Copy link
Author

xsallowed commented May 28, 2016

Thanks
Do you have any other scripts for collecting different intel sources in MISP

@adulau
Copy link
Member

adulau commented May 28, 2016

You have many ways to do import intel sources in MISP like:

  • Convert feeds to the existing MISP feed format (like https://www.circl.lu/doc/misp/feed-osint/) by using PyMISP.
  • If the intel source has a lookup service, you can build an expansion module.
  • We are working on a new framework for the import (that will be based on the misp-modules approach) where generic type of import will be supported like CSV or additional format.

I hope this helps.

@xsallowed
Copy link
Author

xsallowed commented May 29, 2016

Thanks this is great! just a quick one. How many intel sources are normal for MISP to have for normal threat intelligence

@Rafiot
Copy link
Member

Rafiot commented Jun 1, 2016

It depends on your definition of "normal" :) You generally never have to much sources.

@Rafiot Rafiot added this to the Support milestone Jun 1, 2016
@rotanid rotanid closed this as completed Oct 16, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
automation T: support topic: API WaitingAnswer
Projects
None yet
Development

No branches or pull requests

5 participants