Details
Author | Nils Kuhnert, CERT-Bund |
Version | 2.1 |
License | AGPL-V3 |
Website | https://github.com/BSI-CERT-Bund/cortex-analyzers |
Requires Registration | No |
Requires Subscription | No |
Free Subscription Available | Yes |
DataType Supported | domain, ip, url, fqdn, uri_path, user-agent, hash, mail, mail_subject, registry, regexp, other, filename |
Service Homepage | MISP |
Description
Query multiple MISP instances for events containing an observable.
Configuration
Name | Description |
name | Name of MISP servers |
url | URL of MISP servers |
key | API key for each server |
cert_check | Verify server certificate |
cert_path | Path to the CA on the system used to check server certificate |
Additional details from the README file:
MISP A threat intelligence platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information.
The analyzer comes in a single flavour that will return MISP additional information for provided observable.
You need a valid MISP API integration to use the analyzer.
- Provide your API key as values for the
key
parameter.