MISP
/
misp-book
mirror of https://github.com/MISP/misp-book
2
0
Fork 0
Code Issues Releases Wiki Activity

- Removed the over generic term MISP.

pull/113/head
Steve Clement 2018-05-14 10:57:37 +02:00
parent 75a44af062
commit 463461358d
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
GLOSSARY.md
View File

@ -1,5 +1,6 @@
## MISP Glossary ## MISP Glossary
This glossary is meant as a quick lookup document in case of any need of clarification of any threat sharing, threat-intel lingo. This glossary is meant as a quick lookup document in case of any need of clarification of any threat sharing, threat-intel lingo.
Be careful when adding terms to the glossary. Adding a generic term like: *MISP* will prevent terms like *MISP noticelist* to be addded. As a matter of definition please use the singular of for any terms.
In case you use any CCBYSA licensed content, or other pieces that are subject to licensing, make sure to add it as a by-line at the end of the mention. In case you use any CCBYSA licensed content, or other pieces that are subject to licensing, make sure to add it as a by-line at the end of the mention.
## API ## API
@ -27,10 +28,10 @@ Indicator of compromise (IOC or IoC) is an artefact observed on a network or in
## NIDS ## NIDS
Network Intrusion Detection System eg. Snort, Suricata Network Intrusion Detection System eg. Snort, Suricata
## MISP ## Malware Information Sharing Platform and Threat Sharing
Malware Information Sharing Platform and Threat Sharing. Commonly known simply as MISP. Malware Information Sharing Platform and Threat Sharing. Commonly known simply as MISP.
## MISP Attributes ## MISP Attribute
Attributes in MISP can be network indicators (e.g. IP address), system indicators (e.g. a string in memory) or even bank account details. Attributes in MISP can be network indicators (e.g. IP address), system indicators (e.g. a string in memory) or even bank account details.
◦ A type (e.g. MD5, url) is how an attribute is described. ◦ A type (e.g. MD5, url) is how an attribute is described.
◦ An attribute is always in a category (e.g. Payload delivery) which puts it in a context. ◦ An attribute is always in a category (e.g. Payload delivery) which puts it in a context.