= Best Practices in Threat Intelligence
:doctype: book
:sourcedir: ./best-practices/
:author: MISP Project
:toc:
:icons: font

=== Introduction

The objective of this book is to compile the best practices in Threat Intelligence Analysis with the support of the Open Source Threat Intelligence platform https://www.misp-project.org/[MISP]. The best practices described here come from information sharing communities (ISACs or CSIRTs) that regularly use MISP to support their work and sharing practices.

== Best Practices

include::{sourcedir}improving-analysis.adoc[]

<<<

include::{sourcedir}what-to-share.adoc[]

<<<

include::{sourcedir}expressing-confidence.adoc[]

<<<

include::{sourcedir}building-workflow.adoc[]

<<<

== Authors and Contributors

- Alexandre Dulaunoy
- Andras Iklody

[glossary]
== Glossary

[glossary]
ISAC:: Information Sharing and Analysis Center
MISP:: MISP - Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing