mirror of https://github.com/MISP/MISP
doc: Update README.md with new badges, toc, install tips
Anders Einar Hilden
parent
215234315e
commit
80c4aaa78b
94
README.md
94
README.md
|
|
@ -1,46 +1,53 @@
|
|||
MISP - Threat Intelligence Sharing Platform
|
||||
-------------------------------------------
|
||||
|
||||
|
||||
|
||||
<table>
|
||||
<tr>
|
||||
<td>Latest Release</td>
|
||||
<td><a href="https://badge.fury.io/gh/MISP%2FMISP"><img src="https://badge.fury.io/gh/MISP%2FMISP.svg" alt="GitHub version" height="18"></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>CI Action</td>
|
||||
<td><a href="https://github.com/MISP/MISP/actions?query=workflow%3Amisp"><img src="https://github.com/MISP/MISP/workflows/misp/badge.svg" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Gitter</td>
|
||||
<td><a href="https://gitter.im/MISP/MISP?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"><img src="https://badges.gitter.im/MISP/MISP.svg" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Twitter</td>
|
||||
<td><a href="https://twitter.com/MISPProject"><img src="https://img.shields.io/twitter/follow/MISPProject.svg?style=social&label=Follow" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Localization</td>
|
||||
<td><a href="https://crowdin.com/project/misp"><img src="https://badges.crowdin.net/misp/localized.svg" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Contributors</td>
|
||||
<td><img src="https://img.shields.io/github/contributors/MISP/MISP.svg" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>License</td>
|
||||
<td><img src="https://img.shields.io/github/license/MISP/MISP.svg" /></td>
|
||||
</tr>
|
||||
|
||||
</table>
|
||||
<img align="right" alt="MISP logo" src="./INSTALL/logos/misp-logo.png"/>
|
||||
|
||||
MISP is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reversers to support their day-to-day operations to share structured information efficiently.
|
||||
|
||||
The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of said information by Network Intrusion Detection Systems (NIDS), LIDS but also log analysis tools, SIEMs.
|
||||
|
||||
MISP, Malware Information Sharing Platform and Threat Sharing, core functionalities are:
|
||||
● <a href="#core-functions">Core functions</a>
|
||||
● <a href="#website--support">Website / Support</a>
|
||||
● <a href="#php-and-misp">PHP and MISP</a><br>
|
||||
● <a href="#installation">Installation</a>
|
||||
● <a href="#documentation">Documentation</a>
|
||||
● <a href="#contributing">Contributing</a><br>
|
||||
● <a href="#license">License</a>
|
||||
|
||||
<table>
|
||||
<tr>
|
||||
<td>Latest Release</td>
|
||||
<td><a href="https://badge.fury.io/gh/MISP%2FMISP"><img src="https://badge.fury.io/gh/MISP%2FMISP.svg" alt="GitHub version" height="25"></a></td>
|
||||
</tr><tr>
|
||||
<td>CI</td>
|
||||
<td><a href="https://github.com/MISP/MISP/actions?query=workflow%3Amisp"><img src="https://img.shields.io/github/actions/workflow/status/MISP/MISP/main.yml?label=test" height="25" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Gitter</td>
|
||||
<td><a href="https://gitter.im/MISP/MISP?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"><img src="https://badges.gitter.im/MISP/MISP.svg" height="25" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Mastodon</td>
|
||||
<td><a href="https://misp-community.org/@misp"><img src="https://img.shields.io/badge/follow-@misp-purple" height="25" /></a></td>
|
||||
</tr><tr>
|
||||
<tr>
|
||||
<td>Twitter</td>
|
||||
<td><a href="https://twitter.com/MISPProject"><img src="https://img.shields.io/badge/follow-@MISPProject-blue" height="25" /></a></td>
|
||||
</tr><tr>
|
||||
<td>Localization</td>
|
||||
<td><a href="https://crowdin.com/project/misp"><img src="https://badges.crowdin.net/misp/localized.svg" height="25" /></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Contributors</td>
|
||||
<td><img src="https://img.shields.io/github/contributors/MISP/MISP.svg" height="25" /></td>
|
||||
</tr><tr>
|
||||
<td>License</td>
|
||||
<td><img src="https://img.shields.io/github/license/MISP/MISP.svg" height="25" /></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
Core functions
|
||||
------------------
|
||||
- An **efficient IOC and indicators** database, allowing to store technical and non-technical information about malware samples, incidents, attackers and intelligence.
|
||||
- Automatic **correlation** finding relationships between attributes and indicators from malware, attack campaigns or analysis. The correlation engine includes correlation between attributes and more advanced correlations like Fuzzy hashing correlation (e.g. ssdeep) or CIDR block matching. Correlation can also be enabled or event disabled per attribute.
|
||||
- A **flexible data model** where complex [objects](https://www.misp-project.org/objects.html) can be expressed and **linked together to express threat intelligence, incidents or connected elements**.
|
||||
|
|
@ -73,16 +80,27 @@ A sample event encoded in MISP:
|
|||
Website / Support
|
||||
------------------
|
||||
|
||||
Checkout the [website](https://www.misp-project.org) for more information about MISP software, standards, tools and communities.
|
||||
Checkout the [website](https://www.misp-project.org) for more information about MISP software, standards, tools and communities.
|
||||
|
||||
Information, news and updates are also regularly posted on the [MISP project twitter account](https://twitter.com/MISPProject) or the [news page](https://www.misp-project.org/news/).
|
||||
Information, news and updates are also regularly posted on the MISP project [Mastodon account](https://misp-community.org/@misp), [twitter account](https://twitter.com/MISPProject) and [news page](https://www.misp-project.org/news/).
|
||||
|
||||
PHP and MISP
|
||||
-------------
|
||||
MISP currently **requires PHP 7.4**, an end-of-life version of PHP. Because of this it is recommended that you only run MISP on distributions or PHP installs that you know will get security fixes backported, like Red Hat or Debian and derratives.
|
||||
|
||||
MISP 3.x, currently in development will support PHP 8.x.
|
||||
|
||||
|
||||
Installation
|
||||
-------------
|
||||
For test- og production installations we recommend you check out the possible options on [misp-project.org/download](https://www.misp-project.org/download/).
|
||||
|
||||
Documentation
|
||||
-------------
|
||||
|
||||
[MISP user-guide (MISP-book)](https://github.com/MISP/misp-book) is available [online](https://www.circl.lu/doc/misp/) or as [PDF](https://www.circl.lu/doc/misp/book.pdf) or as [EPUB](https://www.circl.lu/doc/misp/book.epub) or as [MOBI/Kindle](https://www.circl.lu/doc/misp/book.mobi).
|
||||
|
||||
For the installation guide see the [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) or [download section](https://www.misp-project.org/download/).
|
||||
It is also recommended to read the [FAQ](https://github.com/MISP/MISP/wiki/Frequently-Asked-Questions)
|
||||
|
||||
Contributing
|
||||
------------
|
||||
|
|
|
|||
Loading…
Reference in New Issue