diff --git a/_posts/2018-06-27-MISP.2.4.93.released.md b/_posts/2018-06-27-MISP.2.4.93.released.md index fa7d29c..6c281ed 100755 --- a/_posts/2018-06-27-MISP.2.4.93.released.md +++ b/_posts/2018-06-27-MISP.2.4.93.released.md @@ -1,12 +1,12 @@ --- -title: MISP 2.4.93 released (aka ATT&CK integration improvements) +title: MISP 2.4.93 released (aka ATT&CK integration) layout: post featured: /assets/images/misp-small.png --- -A new version of MISP [2.4.93](https://github.com/MISP/MISP/tree/v2.4.93) has been released including an improved [MITRE ATT&CK](https://attack.mitre.org) integration, new event lock functionality, initial support for multilingual MISP interface, various fixes and a security fix ([CVE-2018-12649](https://cve.circl.lu/cve/CVE-2018-12649)). +A new version of MISP [2.4.93](https://github.com/MISP/MISP/tree/v2.4.93) has been released including a much improved and tightly integrated [MITRE ATT&CK](https://attack.mitre.org) interface, a new event locking functionality, initial support for a multilingual interface, various fixes including a security fix ([CVE-2018-12649](https://cve.circl.lu/cve/CVE-2018-12649)). -MITRE ATT&CK offers a nice and efficient way to describe adversarial tactics and techniques to information in MISP (at event or attribute level) and share it with your partners. We included ATT&CK in the [misp-galaxy](https://www.misp-project.org/galaxy.html) from the early beginning but we quickly saw the limitation of using the techniques in MISP. So we decided to improve the user-interface by having the ATT&CK matrix directly accessible in MISP to add techniques and tactics following the model described in MITRE ATT&CK. The global statistics were also extended in order to see the overview of techniques used. +MITRE ATT&CK offers an excellent, efficient and very complete framework to describe adversarial tactics and techniques, which MISP now directly incorporates as a way to contextualise the information contained within (at the event and attribute levels) and to share the contextualised data with your partners. We have been supporting the use of the ATT&CK framework via the [misp-galaxy](https://www.misp-project.org/galaxy.html) from the early beginning but we quickly realised the limitations of using this technique in MISP. So we decided to improve the user-interface by having the ATT&CK matrix directly accessible in MISP in order to be able to more intuitively attach techniques and tactics to MISP data following a method that is more universally linked to ATT&CK. The global statistics were also extended in order to get a quick overview of techniques used.