= Best Practices in Threat Intelligence
:doctype: book
:sourcedir: ./best-practices/
:author: MISP Project
:toc:
:icons: font

=== Introduction

The objective of this book is to compile best practices in threat intelligence analysis carried out with the support of the open source threat intelligence platform https://www.misp-project.org/[MISP]. The best practices described come from information sharing communities (ISAC or CSIRT) that regularly use MISP to support their work and sharing practices.

== Best Practices

include::{sourcedir}improving-analysis.adoc[]

<<<

include::{sourcedir}what-to-share.adoc[]

<<<

include::{sourcedir}expressing-confidence.adoc[]

<<<

include::{sourcedir}building-workflow.adoc[]

<<<

== Authors and Contributors

- Alexandre Dulaunoy
- Andras Iklody

[glossary]
== Glossary

[glossary]
ISAC:: Information Sharing and Analysis Center
MISP:: MISP - Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing