mirror of https://github.com/MISP/misp-book
chg: [personas] minor fixes + some links added
parent
620a6a55c5
commit
d1ccce593d
|
@ -261,7 +261,7 @@ Disinformation researcher and journalist
|
|||
|
||||
#### She uses MISP to:
|
||||
- Write/read event reports, create misinformation events using relevant techniques found in a report or sighting.
|
||||
- Join sharing groups and communities (e.g Cogsec Collab) that connect misinformation researchers and responders, share incident data with organizations focusing on response and counter-campaigns.
|
||||
- Join sharing groups and communities (e.g [Cogsec Collab](https://www.misp-project.org/2020/03/26/cogsec-collab-misp-community.html)) that connect misinformation researchers and responders, share incident data with organizations focusing on response and counter-campaigns.
|
||||
- Integrate with the AM!TT Framework (as a galaxy) in order to describe misinformation tactics/techniques, break an incident into techniques that can be analyzed/countered, and check for disinformation through mapping.
|
||||
- Monitor feeds, investigate disinformation using shared indicators in feeds, generate structured intelligence using the automated correlation engine, and decide if there are any falsehoods in data.
|
||||
- Enrich threat data by adding object types, new relationship types (to make the graphs that users can traverse in MISP richer), and taxonomies to cover things like types of threat actors.
|
||||
|
@ -271,7 +271,7 @@ Disinformation researcher and journalist
|
|||
- Distill essential information from a large piece of data, making it clear to the reader what really matters.
|
||||
- Integrate MISP with TheHive for enhanced disinformation investigation and reporting.
|
||||
- Verify that an article (or image, video, etc) doesn’t contain disinformation and verify that a source (publisher, domain, etc) doesn’t distribute disinformation.
|
||||
- Extend MISP for disinformation, adding object types for incidents and narratives, and using AMITT for attack patterns.
|
||||
- Extend MISP for disinformation, adding object types for incidents and narratives, and using [AMITT](https://www.misp-project.org/galaxy.html#_misinformation_pattern) for attack patterns.
|
||||
|
||||
## Other personas
|
||||
Malcolm represents users that we care about but aren't so important to us.
|
||||
|
|
Loading…
Reference in New Issue