MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [blog] updated Kunai blog post 

Signed-off-by: qjerome <qjerome@rawsec.lu>
pull/103/head
qjerome 2024-05-07 18:06:01 +02:00
parent a1e47f9f9a
commit 71f69f4f4c
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
content/blog/Using-Your-MISP-IoCs-in-Kunai.md
View File

@ -3,12 +3,12 @@ title: Using your MISP IoCs in Kunai (the open source EDR for Linux)
date: 2024-04-19
layout: post
tags: ["edr", "kunai"]
#banner: /img/blog/poppy/2.png
banner: /img/blog/misp-ioc-kunai.png
---
# Using your MISP IoCs in Kunai
[Kunai](https://github.com/kunai-project/kunai) is an **open-source** security monitoring tool, specifically designed to address the threat-hunting and threat-detection problematic on **Linux**. It has been inspired by [Microsoft Sysmon](https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon), to provide a Sysmon alike experience to the end user. However, it comes with some more advanced features such as fine grained event filtering, detection rules and IoC matching. In this blog post, we are going to introduce how to implement real time **MISP IoC** matching in a very short amount of time.
[Kunai](https://github.com/kunai-project/kunai) is an **open-source** security monitoring tool, specifically designed to address the threat-hunting and threat-detection problematic on **Linux**. It has been inspired by [Microsoft Sysmon](https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon), to provide a Sysmon alike experience to the end user. However, it comes with some more advanced features such as fine grained **event filtering**, detection rules and **IoC** matching. In this blog post, we are going to introduce how to implement real time **MISP IoC** matching in a very short amount of time.
## Warm up
@ -187,9 +187,9 @@ We hope you learned useful things or at least that you enjoyed reading this arti
## References
[Kunai project on GitHub](https://github.com/kunai-project/)
[Kunai documentation](https://why.kunai.rocks/docs/quickstart)
[Kunai tools](https://github.com/kunai-project/tools)
[Kunai project on GitHub](https://github.com/kunai-project/)
[Kunai documentation](https://why.kunai.rocks/docs/quickstart)
[Kunai tools](https://github.com/kunai-project/tools)
[PyMISP](https://github.com/MISP/PyMISP)

BIN
static/img/blog/misp-ioc-kunai.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 676 KiB