Malware Information Sharing Platform (MISP) is an open-source software solution for collecting, storing, distributing, sharing, and correlating Indicators of Compromise. These can be Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information, or even counter-terrorism information. The objective of MISP is to foster the sharing of structured information within the security community. MISP provides functionality to support the exchange of information as well as the consumption of that information by Intrusion Detection Systems (IDS), log analysis tools, and SIEM software.
The MISP features include the following:
There are a number of open MISP communities in which you can participate.
MISP includes many Python® modules for integration with various software programs:
Expansion modules can be of two types:
Modules that display enriched events without modifying the events.
Modules that modify events by enriching them with data and displaying the result.
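The two expansion module types, shown as an added example that is not code from MISP or from this page: a minimal enrichment module that declares both types. It assumes the misp-modules conventions of a `handler`/`introspection`/`version` interface and the `module-type` values `hover` (display only) and `expansion` (result can be added to the event); the lookup table and its domain and addresses are constructed sample data.

```python
import json

# Metadata in the shape used by misp-modules (assumed convention, see lead-in).
mispattributes = {"input": ["domain", "hostname"], "output": ["ip-dst"]}
moduleinfo = {
    "version": "0.1",
    "author": "example",
    "description": "Resolve a domain from a constructed offline table",
    # "hover": enrichment is only displayed, the event is not modified.
    # "expansion": the returned values can be added to the event.
    "module-type": ["expansion", "hover"],
}
moduleconfig = []

# Constructed sample data standing in for a real enrichment source.
SAMPLE_RESOLUTIONS = {"bad.example.test": ["192.0.2.10", "192.0.2.11"]}


def handler(q=False):
    """Parse the JSON query sent for one attribute and return enrichment results."""
    if q is False:
        return False
    try:
        request = json.loads(q)
    except (TypeError, ValueError):
        return {"error": "Query is not valid JSON"}
    if not isinstance(request, dict):
        return {"error": "Query must be a JSON object"}
    # Use the first supported attribute type present in the query.
    value = next((request[t] for t in mispattributes["input"]
                  if isinstance(request.get(t), str)), None)
    if value is None:
        return {"error": "Unsupported attribute type"}
    ips = SAMPLE_RESOLUTIONS.get(value.strip().lower(), [])
    if not ips:
        return {"results": []}
    return {"results": [{"types": mispattributes["output"], "values": ips}]}


def introspection():
    """Tell the caller which attribute types the module accepts and returns."""
    return mispattributes


def version():
    """Return module metadata, including the declared module types."""
    moduleinfo["config"] = moduleconfig
    return moduleinfo
```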