Update 2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md

pull/3/head
Andras Iklody 2018-01-11 07:00:01 +01:00 committed by GitHub
parent 6b66c523f1
commit 9d8720aa42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 7 deletions

View File

@ -6,13 +6,13 @@ featured: /assets/images/misp-small.png
# Using MISP to share vulnerability information efficiently
Software and hardware vulnerability are often discussed, shared, prepared, analysed or reviewed before publication. This process
can be tedious as this is often a lot of exchanges between the parties involved including reporters, proxy-reporters, coordinators,
editor and even impacted parties. Some vulnerabilities might be shared and exchanged within trusted parties for months before being
officially disclosed. This can generate a significant workload on a staff dealing with security team, vulnerability assessment team or
Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process
can be tedious as it is often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators,
editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being
officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or
CNA (CVE Numbering Authorities).
As MISP provides a complete functionality software for sharing information, sharing and collaborating on security vulnerabilities
As MISP provides the complete list of functionalities facilitating thesharing of information, sharing and collaborating on security vulnerabilities
within a trusted group is as easy as sharing indicators.
## MISP Objects
@ -24,7 +24,7 @@ have a specific use-case of vulnerability information to share, a MISP object ca
# How to share vulnerability information within MISP to a trusted group
Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more
vulnerability with the corresponding sharing group. An event is just a container with meta-data associated to it such as classification
vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as classification
or a generic description.
![](/assets/images/misp/blog/vul01.png)
@ -34,7 +34,7 @@ a vulnerability object can be added to describe the vulnerability.
![](/assets/images/misp/blog/vul02.png)
The vulnerability object is composed of various attributes such as vulnerable configuration where it's expressed as a CPE value and
The vulnerability object is composed of various attributes such as vulnerable configuration expressed as a CPE value and
can be added multiple times if you have different vulnerable configurations.
![](/assets/images/misp/blog/vul03.png)