MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [post] fixed

pull/8/head
Alexandre Dulaunoy 2019-01-20 22:27:43 +01:00
parent 9b30b63659
commit 48a04ceaf7
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
_posts/2019-01-20-MISP.2.4.101.released.md
View File

@ -4,17 +4,17 @@ layout: post
featured: /assets/images/misp-small.png
---
A new version of MISP ([2.4.101](https://github.com/MISP/MISP/tree/v2.4.100)) has been released with 3 main new features (tag collections, improved tag/galaxy selector and MISP instance caching), along with a host of improvements and bug fixes.
A new version of MISP ([2.4.101](https://github.com/MISP/MISP/tree/v2.4.101)) has been released with 3 main new features (tag collections, improved tag/galaxy selector and MISP instance caching), along with a host of improvements and bug fixes.
## Tag collections
![](/assets/images/misp/blog/tag-collection-creation.png)
![](/assets/images/misp/blog/tag-collection-creation.png){:class="img-responsive"}
Contextualisation in threat intelligence is one of the key activities when performing analysis and when reviewing or processing information from internal or external sources. The task can be rather tedious, but nevertheless, it's a critical step in ensuring the quality and the information's capacity to be used for automatic processing. MISP 2.4.101 introduces a new concept, in an attempt to improve the "time-to-contextualise" information for users using the platform. Tag collections, a new feature in 2.4.101, aim to allow users to predefine re-usable structures consisting of a set of tags (from taxonomies) along with galaxy information attached. Analysts can use these named collections to quickly classify information with all of the contextualisation labels declared in the collection. This functionality enables anyone using MISP to significantly lower the time it takes to classify information and to ensure that all the pre-defined context related information is attached to an event or attribute. This feature is a first step in opening up the sharing of analysisMISP best practices directly via the platform itself.
## Improved tag/galaxy selector
![](/assets/images/misp/blog/tag-collection.png)
![](/assets/images/misp/blog/tag-collection.png){:class="img-responsive"}
The success of MISP taxonomies and galaxies since their inception has been suffering from a minor but annoying drawback. When we originally designed the user-interfaces of the tag and galaxy systems in MISP, our immediate intent was to handle a rather small set of taxonomies. Since then we have come a long way and thanks to the many excellent contributions we've received from the community, the ugly side-effect of our original design decisions reared its head: adding multiple tags and galaxies has become a tedious chore, especially when trying to contextualise several aspects of the information to be shared, using multiple tags and galaxies.