
DOC: Readme: add SOCs and some use cases

wagner-certat committed May 27, 2019
1 parent a09f4f6 commit 153d52aba234ba9b7c4aa824fdb32f9c5dda73e1
Showing with 18 additions and 4 deletions.
  1. +9 −2 README.rst
  2. +9 −2 docs/README.md
@@ -6,8 +6,8 @@ Welcome to IntelMQ!

|Build Status| |codecov.io|

**IntelMQ** is a solution for IT security teams (CERTs, CSIRTs, abuse
departments,...) for collecting and processing security feeds (such as
**IntelMQ** is a solution for IT security teams (CERTs & CSIRTs, SOCs, abuse
departments, etc.) for collecting and processing security feeds (such as
log files) using a message queuing protocol. It's a community driven
initiative called **IHAP** (Incident Handling Automation Project) which
was conceptually designed by European CERTs/CSIRTs during several
@@ -18,6 +18,13 @@ handling processes of CERTs.
Several pieces of software are evolved around IntelMQ. For an overview,
look at the `Ecosystem document <docs/Ecosystem.md>`__.

IntelMQ can be used for
- automated incident handling
- situational awareness
- automated notifications
- as data collector for other tools
- etc.

IntelMQ's design was influenced by
`AbuseHelper <https://github.com/abusesa/abusehelper>`__ however it was
re-written from scratch and aims at:
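Review bot: In README.rst the new list starts on the line directly after "IntelMQ can be used for", with no blank line in between. reStructuredText requires a blank line before a bullet list that follows a paragraph, so as written the five "-" lines are folded into that paragraph instead of rendering as a list. Suggest ending the lead-in with a colon and adding an empty line before "- automated incident handling".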
@@ -7,8 +7,8 @@ Welcome to IntelMQ!
Status](https://travis-ci.org/certtools/intelmq.svg?branch=master)](https://travis-ci.org/certtools/intelmq)
[![codecov.io](https://codecov.io/github/certtools/intelmq/coverage.svg?branch=master)](https://codecov.io/github/certtools/intelmq?branch=master)

**IntelMQ** is a solution for IT security teams (CERTs, CSIRTs, abuse
departments,...) for collecting and processing security feeds (such as
**IntelMQ** is a solution for IT security teams (CERTs & CSIRTs, SOCs abuse
departments, etc.) for collecting and processing security feeds (such as
log files) using a message queuing protocol. It's a community driven
initiative called **IHAP** (Incident Handling Automation Project) which
was conceptually designed by European CERTs/CSIRTs during several
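Review bot: The added line in docs/README.md reads "(CERTs & CSIRTs, SOCs abuse" and is missing the comma after "SOCs" that the same sentence has in README.rst ("SOCs, abuse"). Without it the phrase reads as "SOCs abuse departments". Suggest adding the comma so the two READMEs stay identical.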
@@ -19,6 +19,13 @@ handling processes of CERTs.
Several pieces of software are evolved around IntelMQ. For an overview,
look at the [Ecosystem document](Ecosystem.md).

IntelMQ can be used for
- automated incident handling
- situational awareness
- automated notifications
- as data collector for other tools
- etc.

IntelMQ's design was influenced by
[AbuseHelper](https://github.com/abusesa/abusehelper)
however it was re-written from scratch and aims at:
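Review bot: The items under "IntelMQ can be used for" are not parallel: the first three are noun phrases, "- as data collector for other tools" switches to a prepositional phrase, and "- etc." is a bullet with no content. Suggest "- data collection for other tools" and dropping the "etc." bullet, or folding it into the lead-in ("can be used for, among other things:"). A blank line before the first "-" would also keep the list intact in Markdown processors that do not let a list interrupt a paragraph.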
