mirror of https://github.com/MISP/misp-book
chg: [personas] minor fixes + some links added
parent
620a6a55c5
commit
d1ccce593d
|
@ -261,17 +261,17 @@ Disinformation researcher and journalist
|
||||||
|
|
||||||
#### She uses MISP to:
|
#### She uses MISP to:
|
||||||
- Write/read event reports, create misinformation events using relevant techniques found in a report or sighting.
|
- Write/read event reports, create misinformation events using relevant techniques found in a report or sighting.
|
||||||
- Join sharing groups and communities (e.g Cogsec Collab) that connect misinformation researchers and responders, share incident data with organizations focusing on response and counter-campaigns.
|
- Join sharing groups and communities (e.g [Cogsec Collab](https://www.misp-project.org/2020/03/26/cogsec-collab-misp-community.html)) that connect misinformation researchers and responders, share incident data with organizations focusing on response and counter-campaigns.
|
||||||
- Integrate with the AM!TT Framework (as a galaxy) in order to describe misinformation tactics/techniques, break an incident into techniques that can be analyzed/countered, and check for disinformation through mapping.
|
- Integrate with the AM!TT Framework (as a galaxy) in order to describe misinformation tactics/techniques, break an incident into techniques that can be analyzed/countered, and check for disinformation through mapping.
|
||||||
- Monitor feeds, investigate disinformation using shared indicators in feeds, generate structured intelligence using the automated correlation engine, and decide if there are any falsehoods in data.
|
- Monitor feeds, investigate disinformation using shared indicators in feeds, generate structured intelligence using the automated correlation engine, and decide if there are any falsehoods in data.
|
||||||
- Enrich threat data by adding object types, new relationship types (to make the graphs that users can traverse in MISP richer), and taxonomies to cover things like types of threat actors.
|
- Enrich threat data by adding object types, new relationship types (to make the graphs that users can traverse in MISP richer), and taxonomies to cover things like types of threat actors.
|
||||||
- Classify events, indicators, and threats using taxonomies (such as the Admiralty Scale taxonomy), which ranks the reliability of a source and the credibility of the information.
|
- Classify events, indicators, and threats using taxonomies (such as the Admiralty Scale taxonomy), which ranks the reliability of a source and the credibility of the information.
|
||||||
|
|
||||||
#### Her objectives are to:
|
#### Her objectives are to:
|
||||||
- Distill essential information from a large piece of data, making it clear to the reader what really matters.
|
- Distill essential information from a large piece of data, making it clear to the reader what really matters.
|
||||||
- Integrate MISP with TheHive for enhanced disinformation investigation and reporting.
|
- Integrate MISP with TheHive for enhanced disinformation investigation and reporting.
|
||||||
- Verify that an article (or image, video, etc) doesn’t contain disinformation and verify that a source (publisher, domain, etc) doesn’t distribute disinformation.
|
- Verify that an article (or image, video, etc) doesn’t contain disinformation and verify that a source (publisher, domain, etc) doesn’t distribute disinformation.
|
||||||
- Extend MISP for disinformation, adding object types for incidents and narratives, and using AMITT for attack patterns.
|
- Extend MISP for disinformation, adding object types for incidents and narratives, and using [AMITT](https://www.misp-project.org/galaxy.html#_misinformation_pattern) for attack patterns.
|
||||||
|
|
||||||
## Other personas
|
## Other personas
|
||||||
Malcolm represents users that we care about but aren't so important to us.
|
Malcolm represents users that we care about but aren't so important to us.
|
||||||
|
@ -293,7 +293,7 @@ Data Scientist
|
||||||
#### His primary goals are to:
|
#### His primary goals are to:
|
||||||
- Develop tools to help businesses detect threats so they can develop solid plans of action and better protect themselves.
|
- Develop tools to help businesses detect threats so they can develop solid plans of action and better protect themselves.
|
||||||
- Make predictions, perform data analysis, and detect patterns in data.
|
- Make predictions, perform data analysis, and detect patterns in data.
|
||||||
- Support the threat analysis team with the development of new and innovative ways of extracting insight from large sets of structured and unstructured data.
|
- Support the threat analysis team with the development of new and innovative ways of extracting insight from large sets of structured and unstructured data.
|
||||||
- Translate complex data into relevant insights and visualize information.
|
- Translate complex data into relevant insights and visualize information.
|
||||||
|
|
||||||
#### He uses MISP to:
|
#### He uses MISP to:
|
||||||
|
|
Loading…
Reference in New Issue