split the work in two parts (questions, Answers) + fix some syntax errors

2023-04-26 11:47:27 +02:00 · 2023-04-26 11:47:27 +02:00 · ebc6cdae0b
parent 2c7d79b240
commit ebc6cdae0b
4 changed files with 373 additions and 6 deletions
--- a/what-misp-can-do/README.md
+++ b/what-misp-can-do/README.md
@ -7,6 +7,17 @@ Everyone can [contribute] (https://github.com/MISP/misp-book) by proposing new f

 _Answers labbeled with_ [**NOT DONE**] _tag need to be completed as they do not give much detail about the way in practice to get this feature up. After the label, there are complementary informations/suggestions to precise what other infos should be added to make the process clearer._

+## MISP Capabilities Question list
+
+> Is MISP capable of applying custom taxonomies to threat data in a predefined or manual way?
+
+> Can theses taxonomies remain local and not shared? 
+
+> Is MISP capable of providing automatic classification of information?
+
+> Does MISP have the capability to apply marking, tagging and confidence at event, attribute, feed and source levels in a predefined way?
+
+
 > Is MISP capable of applying custom taxonomies to threat data in a predefined or manual way?

 Yes, MISP has already [144](https://www.misp-project.org/taxonomies.html "144") different [taxonomies](https://www.circl.lu/doc/misp/GLOSSARY.html#misp-taxonomies "taxonomies") that gathered 951 [predicates](https://github.com/MISP/misp-taxonomies). But if none of them suit you, you can add your own: Just read [this guide](https://www.circl.lu/doc/misp/taxonomy/#adding-taxonomy-in-misp) or [this one](https://www.circl.lu/assets/files/misp-training/first2016/2-MISP-Taxonomies.pdf). It explains you step by step how to create your own. 
@ -19,7 +30,7 @@ This feature enables you to add tags when specific events are triggered such as:
 - _After enrichement process has been done_
 - _Full list of trigger module is available [here](https://localhost/workflows/triggers)_

-You can as well attach tags to sepecific set of data such as  (specfic attribute type/category/value/etc...)
+You can as well attach tags to specific set of data such as specfic attribute type, category, value [...]

 All worflow modules and triggers are available at the MISP_URL/Workflow/triggers ou MISP_URL/Workflow/modules.

@ -38,8 +49,7 @@ Finally, you can use the MISP workflow feature to block certain tags to be publi
 Depends on your definition of automatic. We script it using MISP APIs normally. 

 [**NOT DONE**]
-==> **Need to be developp with some high level examples in order to be more understandable. (What MISP API query or PyMISP fuction enable us to make classification of information in a automative way. How to use them in order to classify information in an automative way ? Give few examples)
-**
+==> **Need to be developp with some high level examples in order to be more understandable. (What MISP API query or PyMISP fuction enable us to make classification of information in a automative way. How to use them in order to classify information in an automative way ? Give few examples)**

 > Does MISP have the capability to manage marking and confidence information, e.g. TLP?

--- a/what-misp-can-do/light-bulb.jpg
+++ b/what-misp-can-do/light-bulb.jpg
--- a/what-misp-can-do/link-symbol.svg
+++ b/what-misp-can-do/link-symbol.svg
--- a/what-misp-can-do/link_icon.svg
+++ b/what-misp-can-do/link_icon.svg
@ -0,0 +1 @@
+<?xml version="1.0" ?><!DOCTYPE svg  PUBLIC '-//W3C//DTD SVG 1.1//EN'  'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd'><svg enable-background="new 0 0 141.732 141.732" height="141.732px" id="Livello_1" version="1.1" viewBox="0 0 141.732 141.732" width="141.732px" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g id="Livello_107"><path d="M57.217,63.271L20.853,99.637c-4.612,4.608-7.15,10.738-7.15,17.259c0,6.524,2.541,12.653,7.151,17.261   c4.609,4.608,10.74,7.148,17.259,7.15h0.002c6.52,0,12.648-2.54,17.257-7.15L91.738,97.79c7.484-7.484,9.261-18.854,4.573-28.188   l-7.984,7.985c0.992,4.667-0.443,9.568-3.831,12.957l-37.28,37.277l-0.026-0.023c-2.652,2.316-6.001,3.579-9.527,3.579   c-3.768,0-7.295-1.453-9.937-4.092c-2.681-2.68-4.13-6.259-4.093-10.078c0.036-3.476,1.301-6.773,3.584-9.39l-0.021-0.02   l0.511-0.515c0.067-0.071,0.137-0.144,0.206-0.211c0.021-0.021,0.043-0.044,0.064-0.062l0.123-0.125l36.364-36.366   c2.676-2.673,6.23-4.144,10.008-4.144c0.977,0,1.947,0.101,2.899,0.298l7.993-7.995c-3.36-1.676-7.097-2.554-10.889-2.554   C67.957,56.124,61.827,58.663,57.217,63.271 M127.809,24.337c0-6.52-2.541-12.65-7.15-17.258c-4.61-4.613-10.74-7.151-17.261-7.151   c-6.519,0-12.648,2.539-17.257,7.151L49.774,43.442c-7.479,7.478-9.26,18.84-4.585,28.17l7.646-7.646   c-0.877-4.368,0.358-8.964,3.315-12.356l-0.021-0.022l0.502-0.507c0.064-0.067,0.134-0.138,0.201-0.206   c0.021-0.02,0.04-0.04,0.062-0.06l0.126-0.127l36.363-36.364c2.675-2.675,6.231-4.147,10.014-4.147   c3.784,0,7.339,1.472,10.014,4.147c5.522,5.521,5.522,14.51,0,20.027L76.138,71.629l-0.026-0.026   c-2.656,2.317-5.999,3.581-9.526,3.581c-0.951,0-1.891-0.094-2.814-0.278l-7.645,7.645c3.369,1.681,7.107,2.563,10.907,2.563   c6.523,0,12.652-2.539,17.261-7.148l36.365-36.365C125.27,36.988,127.809,30.859,127.809,24.337"/></g><g id="Livello_1_1_"/></svg>
				`@ -0,0 +1 @@`
				<?xml version="1.0" ?><!DOCTYPE svg PUBLIC '-//W3C//DTD SVG 1.1//EN' 'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd'><svg enable-background="new 0 0 141.732 141.732" height="141.732px" id="Livello_1" version="1.1" viewBox="0 0 141.732 141.732" width="141.732px" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g id="Livello_107"><path d="M57.217,63.271L20.853,99.637c-4.612,4.608-7.15,10.738-7.15,17.259c0,6.524,2.541,12.653,7.151,17.261 c4.609,4.608,10.74,7.148,17.259,7.15h0.002c6.52,0,12.648-2.54,17.257-7.15L91.738,97.79c7.484-7.484,9.261-18.854,4.573-28.188 l-7.984,7.985c0.992,4.667-0.443,9.568-3.831,12.957l-37.28,37.277l-0.026-0.023c-2.652,2.316-6.001,3.579-9.527,3.579 c-3.768,0-7.295-1.453-9.937-4.092c-2.681-2.68-4.13-6.259-4.093-10.078c0.036-3.476,1.301-6.773,3.584-9.39l-0.021-0.02 l0.511-0.515c0.067-0.071,0.137-0.144,0.206-0.211c0.021-0.021,0.043-0.044,0.064-0.062l0.123-0.125l36.364-36.366 c2.676-2.673,6.23-4.144,10.008-4.144c0.977,0,1.947,0.101,2.899,0.298l7.993-7.995c-3.36-1.676-7.097-2.554-10.889-2.554 C67.957,56.124,61.827,58.663,57.217,63.271 M127.809,24.337c0-6.52-2.541-12.65-7.15-17.258c-4.61-4.613-10.74-7.151-17.261-7.151 c-6.519,0-12.648,2.539-17.257,7.151L49.774,43.442c-7.479,7.478-9.26,18.84-4.585,28.17l7.646-7.646 c-0.877-4.368,0.358-8.964,3.315-12.356l-0.021-0.022l0.502-0.507c0.064-0.067,0.134-0.138,0.201-0.206 c0.021-0.02,0.04-0.04,0.062-0.06l0.126-0.127l36.363-36.364c2.675-2.675,6.231-4.147,10.014-4.147 c3.784,0,7.339,1.472,10.014,4.147c5.522,5.521,5.522,14.51,0,20.027L76.138,71.629l-0.026-0.026 c-2.656,2.317-5.999,3.581-9.526,3.581c-0.951,0-1.891-0.094-2.814-0.278l-7.645,7.645c3.369,1.681,7.107,2.563,10.907,2.563 c6.523,0,12.652-2.539,17.261-7.148l36.365-36.365C125.27,36.988,127.809,30.859,127.809,24.337"/></g><g id="Livello_1_1_"/></svg>