From efb3c3995a09a87af025c30e7ff8c95cbbe3a6da Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Fri, 23 Feb 2024 15:30:53 +0100
Subject: [PATCH] new: [producer] Skeleton for threat intelligence producer to be attached as producer of Intelligence in MISP feed. In the realm of cybersecurity, numerous security firms produce feeds and threat intelligence conforming to the MISP standards. However, a significant challenge arises due to the often insufficient or vague descriptions of the origins of this intelligence within these standards. This lack of clarity hinders the effectiveness and credibility of the threat intelligence shared across platforms and organizations.
---
clusters/producer.json | 42 ++++++++++++++++++++++++++++++++++++++++++
galaxies/producer.json | 9 +++++++++
2 files changed, 51 insertions(+)
create mode 100644 clusters/producer.json
create mode 100644 galaxies/producer.json
diff --git a/clusters/producer.json b/clusters/producer.json
new file mode 100644
index 0000000..5f8ded1
--- /dev/null
+++ b/clusters/producer.json
@@ -0,0 +1,42 @@
+{
+ "authors": [
+ "Various"
+ ],
+ "category": "actor",
+ "description": "List of threat intelligence producer from security vendors to CERTs including any producer of intelligence at large.",
+ "name": "Producer",
+ "source": "MISP Project",
+ "type": "producer",
+ "uuid": "faab7b69-c850-491a-b36c-ba48c1c03279",
+ "values": [
+ {
+ "description": "Intel 471 provides adversary and malware intelligence for leading security teams. Our adversary intelligence is focused on infiltrating access to closed sources where threat actors collaborate, communicate and plan cyber attacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malicious infrastructure.",
+ "meta": {
+ "company-type": [
+ "Cyber Security Vendor"
+ ],
+ "country": "US",
+ "official-refs": [
+ "https://intel471.com/"
+ ],
+ "product-type": [
+ "intelligence-feed-provider"
+ ],
+ "products": [
+ "Malware Intelligence",
+ "Vulnerability Intelligence"
+ ],
+ "refs": [
+ "https://www.applytosupply.digitalmarketplace.service.gov.uk/g-cloud/services/448869643798857"
+ ],
+ "synonyms": [
+ "Intel 471 Inc.",
+ "Intel 471"
+ ]
+ },
+ "uuid": "306bc923-3200-47e3-ade9-50ffc41f668c",
+ "value": "Intel471"
+ }
+ ],
+ "version": 1
+}
diff --git a/galaxies/producer.json b/galaxies/producer.json
new file mode 100644
index 0000000..25dc41f
--- /dev/null
+++ b/galaxies/producer.json
@@ -0,0 +1,9 @@
+{
+ "description": "List of threat intelligence producer from security vendors to CERTs including any producer of intelligence at large.",
+ "icon": "book",
+ "name": "Producer",
+ "namespace": "misp",
+ "type": "producer",
+ "uuid": "2d74a15e-9c88-452e-af14-d0ecd2e9cd63",
+ "version": 1
+}
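Review bot: In clusters/producer.json the two enum-like meta fields of the Intel471 entry use different value conventions: `"company-type"` holds `"Cyber Security Vendor"` (title case with spaces) while `"product-type"` holds `"intelligence-feed-provider"` (kebab-case). Because this entry is the skeleton that later producers will copy, and consumers will presumably filter on these values, settle on one form now, for example `"cyber-security-vendor"`. The entry's `description` is the vendor's own first-person copy ("Our adversary intelligence is focused on ..."), which under `"source": "MISP Project"` reads as the project's own statement; a neutral third-person summary fits a cluster whose stated purpose is to document where intelligence comes from. The top-level `description`, repeated verbatim in galaxies/producer.json, should read `"List of threat intelligence producers, from security vendors to CERTs, ..."`.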