MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [features] more text

pull/56/head
Christophe Vandeplas 2022-01-30 08:02:56 +01:00
parent 317babf5ed
commit 9c97bb5ac5
6 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/features.md
View File

@ -23,7 +23,7 @@ A threat intelligence platform for sharing, storing and correlating Indicators o
* **adjustable taxonomy** to classify and tag events following your own classification schemes or [existing taxonomies](https://github.com/MISP/misp-taxonomies). The taxonomy can be local to your MISP but also shareable among MISP instances. MISP comes with a default set of well-known [taxonomies and classification schemes](/taxonomies.html) to support standard classification as used by ENISA, Europol, DHS, CSIRTs or many other organisations.
* **intelligence vocabularies** called MISP galaxy and bundled with existing [threat actors, malware, RAT, ransomware or MITRE ATT&CK](galaxy.html) which can be easily linked with events in MISP.
* **[expansion modules](https://misp.github.io/misp-modules/) in Python** to expand MISP with your own services or activate already available [misp-modules](https://github.com/MISP/misp-modules).
* **sighting support** to get observations from organizations concerning shared indicators and attributes. Sighting [can be contributed](https://www.circl.lu/doc/misp/automation/index.html#sightings-api) via MISP user-interface, API as MISP document or STIX sighting documents. Starting with MISP 2.4.66, [Sighting has been extended](/2017/02/16/Sighting-the-next-level) to support false-negative sighting or expiration sighting.
* **sighting support** to get observations from organizations concerning shared indicators and attributes. Sighting [can be contributed](https://www.circl.lu/doc/misp/automation/index.html#sightings-api) via MISP user-interface, API as MISP document or STIX sighting documents. Starting with MISP 2.4.66, [Sighting has been extended](/2017/02/16/Sighting-The-Next-Level.html) to support false-negative sighting or expiration sighting.
* **STIX support**: export data in the STIX format (XML and JSON) including export/import in STIX 2.0 format.
* **integrated encryption and signing of the notifications** via PGP and/or S/MIME depending of the user preferences.
* **Real-time publish-subscribe channel** within MISP to automatically get all changes (e.g. new events, indicators, sightings or tagging) in ZMQ (e.g. [misp-dashboard](https://github.com/MISP/misp-dashboard)) or Kafka.

2
data/carousel/art.yaml
View File

@ -1,4 +1,4 @@
weight: 2
weight: 4
title: "The art of information sharing"
description: "<p>is to
share more, smarter and faster<br/>

2
data/carousel/visualization.yaml
View File

@ -1,4 +1,4 @@
weight: 4
weight: 2
title: "Visualization & Dashboards"
description: "<p>Seeing helps understanding.</p><p>MISP comes with many visualization options helping analysts find the answers they are looking for."
image: "img/carousel/visualization.png"

2
data/features/intelligence.yaml
View File

@ -2,4 +2,4 @@ weight: 4
name: "Threat Intelligence"
icon: "fas fa-brain"
url: ""
description: "TODO integration with other tools, analysis, .. "
description: "Threat Intelligence is much more than [Indicators of Compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). This is why MISP provides [metadata tagging](datamodels/#misp-taxonomies), [feeds](feeds), visualization and even allows you to integrate with other [tools](tools) for further analysis thanks to its [open protocols and data formats](datamodels)."

2
data/features/open.yaml
View File

@ -2,4 +2,4 @@ weight: 6
name: "Open & Free"
icon: "fas fa-lock-open"
url: ""
description: "TODO no license cost, commercial support available, open model, open format, open API, interoperability blablabla."
description: "The MISP Threat Sharing ecosystem is all about accessibility and interoperability: The [software](download) is [free to use](license), data format and API are completely [open standards](datamodels) and for [support](support) you can rely on [community](support) and [professional services](professional-services)."

2
data/features/visualization.yaml
View File

@ -2,4 +2,4 @@ weight: 5
name: "Visualization"
icon: "fas fa-project-diagram"
url: ""
description: "TODO "
description: "Having access to a large amount of Threat information through MISP Threat Sharing communities gives you outstanding opportunities to aggregate this information and take the process of trying to understand how all this data fits together telling a broader story to the next level. We are transforming technical data or indicators of compromise (IOCs) into cyber threat intelligence. MISP comes with many visualization options helping analysts find the answers they are looking for."