chg: [updated] main page + new post about the new standard

2024-12-31 14:48:02 +01:00 · 2024-12-31 14:48:02 +01:00 · 3096b5c838
parent 86ca49e0d7
commit 3096b5c838
5 changed files with 133 additions and 11 deletions
--- a/_config.yml
+++ b/_config.yml
@ -114,13 +114,13 @@ author:
  links:
    - label: "Email"
      icon: "fas fa-fw fa-envelope-square"
-      # url: mailto:your.name@email.com
+      url: "mailto:info@misp-project.org"
    - label: "Website"
      icon: "fas fa-fw fa-link"
-      # url: "https://your-website.com"
+      url: "https://www.misp-standard.org"
    - label: "Twitter"
      icon: "fab fa-fw fa-twitter-square"
-      url: "https://twitter.com/MISPProject"
+      url: "https://misp-community.org/@misp"
    - label: "Facebook"
      icon: "fab fa-fw fa-facebook-square"
      # url: "https://facebook.com/"
--- a/_posts/2024-12-31-Naming-Threat-Actor.md
+++ b/_posts/2024-12-31-Naming-Threat-Actor.md
@ -0,0 +1,56 @@
+---
+layout: posts
+title: "MISP-standard.org - Introducing the MISP Threat Actor Naming Standard"
+modified:
+categories: blog
+excerpt: How to name threat actor and adversaries in threat intelligence 
+tags: []
+image:
+  feature:
+date: 2024-12-31T01:01:55-04:00
+header:
+  overlay_image: /assets/images/ball.jpg
+  overlay_filter: 0.4 # same as adding an opacity of 0.5 to a black background
+---
+
+**Official Announcement: Introducing the MISP Threat Actor Naming Standard**
+
+The MISP-standard.org is proud to announce the release of a new standard: **Threat Actor Naming** ([RFC](https://www.misp-standard.org/rfc/threat-actor-naming.html)). This standard addresses one of the most critical challenges in cybersecurity information sharing—the consistent and reliable identification of threat actors.
+
+### Why a Threat Actor Naming Standard?
+
+In threat intelligence, the ability to identify and track threat actors across different organizations, tools, and data sets is crucial. However, the lack of standardized naming conventions has often led to confusion, duplication of effort, and inefficiencies in threat intelligence workflows. This new MISP standard provides a structured approach to naming threat actors, facilitating better collaboration and interoperability within the cybersecurity community.
+
+The objective is to actively reuse references, such as UUIDs, from existing [threat actor databases](https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json) to ensure consistency and improve the reliability of shared intelligence. This approach supports streamlined collaboration and more accurate correlation of threat actor data across platforms.
+
+
+### Key Features of the Standard
+
+- **Global Consistency**: Establishes a common framework for naming threat actors that can be adopted across organizations and industries.
+- **Interoperability**: Ensures compatibility with existing threat intelligence sharing platforms, including MISP, enabling seamless integration.
+- **Flexibility**: Accommodates diverse naming conventions while providing guidance to reduce ambiguities.
+- **Transparency**: Maintains a clear rationale for each naming decision, enhancing the trustworthiness of shared threat intelligence.
+
+### Benefits for the Community
+
+- **Improved Collaboration**: Enhances the ability of CSIRTs, CERTs, and other stakeholders to collaborate effectively by reducing naming conflicts.
+- **Streamlined Analysis**: Simplifies the process of correlating threat actor information across different datasets.
+- **Better Attribution**: Provides a structured approach to documenting and attributing threat actors, aiding in incident response and strategic decision-making.
+
+### Get Involved
+
+This standard is a result of collaborative efforts within the MISP community. We invite cybersecurity professionals, researchers, and organizations to adopt and [contribute to the standard](https://github.com/MISP/misp-rfc/blob/main/threat-actor-naming/raw.md). Your feedback is invaluable in ensuring that this standard meets the needs of the global cybersecurity community.
+
+### Access the Standard
+
+The full text of the Threat Actor Naming standard is available [here](https://www.misp-standard.org/rfc/threat-actor-naming.html). We encourage you to explore it, implement it in your workflows, and share your experiences.
+
+Don't hesitate to contribute or make proposals [via the GitHub page](https://github.com/MISP/misp-rfc/blob/main/threat-actor-naming/raw.md).
+
+### Existing Directory of Threat Actor Names and References
+
+- MISP Galaxy - [Threat Actor](https://www.misp-galaxy.org/threat-actor/) - [Source in JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json)
+
+### Acknowledgments
+
+We extend our gratitude to all contributors who have participated in the development of this standard. Your dedication and expertise have been instrumental in achieving this milestone.
--- a/assets/images/flowintel.png
+++ b/assets/images/flowintel.png
--- a/assets/images/skillaegis.svg
+++ b/assets/images/skillaegis.svg
--- a/index.md
+++ b/index.md
@ -18,21 +18,29 @@ feature_row:
  - url: https://thehive-project.org/
    image_path: /assets/images/thehive.png
    alt: "The Hive Project"
-    excerpt: " A 4-in-1 Security Incident Response Platform A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. "
+    excerpt: "A 4-in-1 Security Incident Response Platform A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. "
+  - url: https://github.com/flowintel/flowintel
+    image_path: /assets/images/flowintel.png
+    alt: "FlowIntel"
+    excerpt: "An open source platform to support analysts to organise their case and tasks"
+  - url: https://github.com/MISP/SkillAegis 
+    image_path: /assets/images/skillaegis.svg
+    alt: "SkillAegis"
+    excerpt: "SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in best practices for information management and protective tools. Its gamification system makes learning engaging, ensuring users acquire essential technical skills and adhere to industry standards."
 ---


 # MISP Standard

-At misp-standard.org, we build a simple, efficient and flexible [set of standards](/standards/) to support information exchange and data modeling in different fields, such as:
+At [misp-standard.org](https://misp-standard.org), we develop a straightforward, efficient, and flexible [set of standards](/standards/) to facilitate information exchange and data modeling across various domains, including:

- Cybersecurity intelligence
+- Cybersecurity intelligence (CTI)
 - Threat intelligence
- Financial fraud
- Vulnerability information
- Border control information
- Digital Forensic and Incident Response
- Intelligence at large
+- Financial fraud prevention
+- Vulnerability management
+- Border control operations
+- Digital Forensics and Incident Response (DFIR)
+- Broader intelligence disciplines

 ## Software using MISP standards