Which threat intel platform should you choose?
Both MISP and CRITs are open source threat intelligence platforms. You may be comparing MISP vs. CRITs because you'd like to use an open source platform to handle your threat intelligence, but aren’t sure of the differences between them.The good news is that there is a clear winner when comparing between these two platforms.
CRITs was originally developed by MITRE, the team behind the ATT&CK framework. Eventually, CRITs transitioned into a fully open-source project maintained by a community of volunteer contributors.
It appears that CRITs may not have survived this transition. The last commit to the CRITs codebase was in July 2019, almost four years ago.
The project is no longer under active development and the community around CRITs has mostly disbanded.
For some types of software this can simply be a sign that the project is feature complete and bug-free. However, this is rarely the case for threat intelligence software, which requires frequent upgrades and security patches to ensure it’s protected against the latest exploits and vulnerabilities.
In comparison, MISP is under daily active development, with new versions and security fixes released every month.
For this reason alone, MISP is clearly a better choice compared to CRITs.
MISP is the most popular threat intelligence platform (TIP) with a large developer community, extensive documentation, many ready-to-use modules and integrations, and frequent new releases.
If MISP seems like the best fit for your organisation, we recommend CloudMISP, our managed MISP service.