mirror of https://github.com/MISP/misp-website
fix: [blog] adds shortcode for video support
parent
412260ca3c
commit
653672cad7
|
@ -25,11 +25,7 @@ In addition to the flexible type format, we added a simple source field which co
|
|||
|
||||
MISP 2.4.66 has been released including the improved sightings feature. As you can see below:
|
||||
|
||||
<div class="myvideo">
|
||||
<video style="display:block; width:100%; height:auto;" autoplay controls loop="loop">
|
||||
<source src="{{ site.baseurl }}/img/blog/misp/video/sighting.webm" type="video/webm" />
|
||||
</video>
|
||||
</div>
|
||||
{{<video src="/img/video/sighting.webm" title="sightings" >}}
|
||||
|
||||
In previous version of MISP, sightings used the basic counter model as described above. In addition to the classical model, MISP 2.4.66 now allows to do negative sighting to track the numbers of false-positives generated. All the sightings are also tracked per organisation with an additional source. The source allows an organisation to track which equipments or infrastructure generated the sighting.
|
||||
|
||||
|
|
|
@ -10,11 +10,7 @@ A new version of MISP [2.4.82](https://github.com/MISP/MISP/tree/v2.4.82) has be
|
|||
MISP includes a nifty real-time publish-subscribe system to notify subscribers on any updates on a MISP instance. 2.4.82 introduced new channels and expanded format
|
||||
to deliver additional information to the subscribers. The system can be used to feed stream processing automation systems (e.g. IntelMQ), real-time SIEM interaction , monitoring or custom applications. As an example, we developed a complete dashboard application called [misp-dashboard](https://www.github.com/MISP/misp-dashboard) which solely relies on the publish-subscribe ZMQ feature to allow for a geolocalised view, historical searches of geographical information and a contributor dashboard which is the first version of the gamification project in MISP to promote information sharing (a separate post will come soon).
|
||||
|
||||
<div class="myvideo">
|
||||
<video style="display:block; width:100%; height:auto;" autoplay controls loop="loop">
|
||||
<source src="{{ site.baseurl }}/img/blog/misp/video/misp-zmq-dashboard-integration.mp4" type="video/mp4" />
|
||||
</video>
|
||||
</div>
|
||||
{{<video src="/img/video/misp-zmq-dashboard-integration.mp4" >}}
|
||||
|
||||
MISP ZMQ has new channels especially related to MISP objects in addition to events and attributes.
|
||||
|
||||
|
|
|
@ -9,11 +9,7 @@ A new version of MISP [2.4.89](https://github.com/MISP/MISP/tree/v2.4.89) has be
|
|||
|
||||
We introduced a new functionality allowing analysts and MISP users to view objects and attributes via a graphical visualisation. The event graph view supports the ability to edit objects, attributes and create relationships easily. We have foreseen a host of extensions to the event graph that we will be gradually adding in the future.
|
||||
|
||||
<div class="myvideo">
|
||||
<video style="display:block; width:100%; height:auto;" autoplay controls loop="loop">
|
||||
<source src="{{ site.baseurl }}/img/blog/misp/video/event-graph.webm" type="video/webm" />
|
||||
</video>
|
||||
</div>
|
||||
{{<video src="/img/video/event-graph.webm" >}}
|
||||
|
||||
In addition to exporting in the STIX 2.0 format, MISP now supports the importing of STIX 2.0 data, directly from the UI. Significant improvements were made in the parsers for STIX 1.x and STIX 2.0 to support additional types of data. Don't hesitate to send us sample files which don't work as expected to help us improve our mapping. We have also added a warning in the import tool for the STIX import to describe that the STIX format can be lossy compared to the MISP standard format.
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ MITRE ATT&CK offers an excellent, efficient and very complete framework to descr
|
|||
|
||||
<div class="myvideo">
|
||||
<video style="display:block; width:100%; height:auto;" autoplay controls loop="loop">
|
||||
<source src="{{ site.baseurl }}/img/blog/misp/video/attack.webm" type="video/webm" />
|
||||
<source src="{{ site.baseurl }}/img/video/attack.webm" type="video/webm" />
|
||||
</video>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -37,9 +37,9 @@ We still have to see how the ``base_score`` is actually computed. In the current
|
|||
|
||||
To give the intuition of how the ``base_score`` computation works, let's look at two examples. In these examples, the two *Taxonomies* used are
|
||||
[*phishing*](https://github.com/MISP/misp-taxonomies/blob/master/phishing/machinetag.json) and [*admiralty-scale*](https://github.com/MISP/misp-taxonomies/blob/master/admiralty-scale/machinetag.json). Both of them contain *Tags* that have a ``numerical_value`` associated to them:
|
||||
- <img src="/img/blog/decaying//tag-as-A.png" alt="admiraly-scale:source-reliability = Completely reliable" width="300"/>, ``numerical_value = 100``
|
||||
- <img src="/img/blog/decaying//tag-as-D.png" alt="admiraly-scale:source-reliability = Not usually reliable" width="300"/>, ``numerical_value = 25``
|
||||
- <img src="/img/blog/decaying//tag-p-H.png" alt="phishing:psychological-acceptability = high" width="250"/>, ``numerical_value = 75``
|
||||
- <img src="/img/blog/decaying/tag-as-A.png" alt="admiraly-scale:source-reliability = Completely reliable" width="300"/>, ``numerical_value = 100``
|
||||
- <img src="/img/blog/decaying/tag-as-D.png" alt="admiraly-scale:source-reliability = Not usually reliable" width="300"/>, ``numerical_value = 25``
|
||||
- <img src="/img/blog/decaying/tag-p-H.png" alt="phishing:psychological-acceptability = high" width="250"/>, ``numerical_value = 75``
|
||||
|
||||
So, if an *Attribute* only has a single *Tag* attached, for example ``admiralty-scale:source-reliability="Completely reliable"``, the ``base_score`` would be:
|
||||
```
|
||||
|
@ -110,21 +110,15 @@ When creating a new *Decaying Model*, modifying its parameters and viewing the o
|
|||
|
||||
### Customising the lifetime and the decay speed parameters
|
||||
|
||||
<video src="/img/blog/decaying/dm-tool.mp4" title="Decaying Model Fine Tuning Tool - Parameters" width="800" height="450" controls autoplay loop>
|
||||
Your browser does not support the video tag.
|
||||
</video>
|
||||
{{<video src="/img/blog/decaying/dm-tool.mp4" title="Decaying Model Fine Tuning Tool - Parameters" >}}
|
||||
|
||||
### Setting the ``base_score``: Customising Taxonomies' weights
|
||||
|
||||
<video src="/img/blog/decaying/dm-bs.mp4" type="video/mp4" title="Decaying Model Fine Tuning Tool - Base score" width="800" height="450" controls autoplay loop>
|
||||
Your browser does not support the video tag.
|
||||
</video>
|
||||
{{<video src="/img/blog/decaying/dm-bs.mp4" type="video/mp4" title="Decaying Model Fine Tuning Tool - Base score" >}}
|
||||
|
||||
### Viewing scores and simulating the model
|
||||
|
||||
<video src="/img/blog/decaying/dm-simulation.mp4" type="video/mp4" title="Decaying Model Simulation Tool" width="800" height="450" controls autoplay loop>
|
||||
Your browser does not support the video tag.
|
||||
</video>
|
||||
{{<video src="/img/blog/decaying/dm-simulation.mp4" type="video/mp4" title="Decaying Model Simulation Tool" >}}
|
||||
|
||||
# Developer perspective: Creating a model using a different algorithm
|
||||
|
||||
|
|
|
@ -16,7 +16,7 @@ progress of the update can be verified via the interface of your MISP instance u
|
|||
|
||||
# Timeline feature and improved data-model
|
||||
|
||||
<video src="/img/blog/timeline-video.mp4" title="Overview of the MISP timeline feature" width="800" height="450" controls autoplay loop>Video tag is not supported by your browser</video>
|
||||
{{<video src="/img/blog/timeline-video.mp4" title="Overview of the MISP timeline feature" >}}
|
||||
|
||||
[MISP standard format](https://www.misp-standard.org/) has been extended to support first_seen and last_seen on any attribute or object in a MISP instance. This functionality is fully accessible via the restSearch API and via the user-interface of MISP. first_seen and last_seen can be set at the attribute and/or the object levels. A complete timeline viewer and editor has been added to allow users to:
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ In the previous version of MISP, the new [Event Report functionality](https://ww
|
|||
|
||||
In the current version, the Event Report has been extended to support the automatic discovery of attributes, galaxies and tags from any website captured.
|
||||
|
||||
<video src="https://www.misp-project.org/img/blog/event-report-demo-extraction-from-url2.mp4" title="Overview video of the new MISP event report functionality and discover of elements" width="800" height="450" controls autoplay loop>Video tag is not supported by your browser</video>
|
||||
{{<video src="https://www.misp-project.org/img/blog/event-report-demo-extraction-from-url2.mp4" title="Overview video of the new MISP event report functionality and discover of elements" >}}
|
||||
|
||||
|
||||
This functionality allows the analysts to collect external reports and automatically discover information which can be used in MISP.
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
<div class="myvideo">
|
||||
<video style="display:block; width:100%; height:auto;" autoplay controls loop="loop">
|
||||
<source src="{{ index .Params "src" }}" {{ if isset .Params "title"}} title="{{ index .Params "title" }}" {{end}} />
|
||||
Sorry, cannot display the video as the video tag is not supported by your browser.
|
||||
</video>
|
||||
</div>
|
Loading…
Reference in New Issue