MISP is the Open Source Threat Intelligence and Sharing Platform. It’s an extremely popular and powerful tool for threat intelligence. This page is where we share MISP guides, training and resources.
CloudMISP is our managed MISP service.
For many organisations, MISP serves as a repository of knowledge about all the known threats and vulnerabilities an organisation has seen.
By giving this information a consistent structure, the information becomes searchable, making it easier to correlate information across different days, months and years without relying on the memory of security analysts.
If you’ve worked with cyber threat intelligence (CTI) for any length of time, you’ve probably run into one or both of the MISP and STIX data formats.
While their aims are similar, they approach the problem of describing cyber threats in significantly different ways.
MISP vs. OpenCTI
MISP vs. Anomali ThreatStream
MISP vs. YETI
MISP vs. CRITs
MISP vs. Recorded Future
MISP vs. ThreatQ
How to use MISP?
Deploying MISP on AWS
Deploying MISP on Kubernetes
MISP Taxii Push
MISP Feeds