diff --git a/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md b/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md index 62cced9..cc0b1e0 100755 --- a/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md +++ b/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md @@ -6,13 +6,13 @@ featured: /assets/images/misp-small.png # Using MISP to share vulnerability information efficiently -Software and hardware vulnerability are often discussed, shared, prepared, analysed or reviewed before publication. This process -can be tedious as this is often a lot of exchanges between the parties involved including reporters, proxy-reporters, coordinators, -editor and even impacted parties. Some vulnerabilities might be shared and exchanged within trusted parties for months before being -officially disclosed. This can generate a significant workload on a staff dealing with security team, vulnerability assessment team or +Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process +can be tedious as it is often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators, +editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being +officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or CNA (CVE Numbering Authorities). -As MISP provides a complete functionality software for sharing information, sharing and collaborating on security vulnerabilities +As MISP provides the complete list of functionalities facilitating thesharing of information, sharing and collaborating on security vulnerabilities within a trusted group is as easy as sharing indicators. ## MISP Objects @@ -24,7 +24,7 @@ have a specific use-case of vulnerability information to share, a MISP object ca # How to share vulnerability information within MISP to a trusted group Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more -vulnerability with the corresponding sharing group. An event is just a container with meta-data associated to it such as classification +vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as classification or a generic description. ![](/assets/images/misp/blog/vul01.png) @@ -34,7 +34,7 @@ a vulnerability object can be added to describe the vulnerability. ![](/assets/images/misp/blog/vul02.png) -The vulnerability object is composed of various attributes such as vulnerable configuration where it's expressed as a CPE value and +The vulnerability object is composed of various attributes such as vulnerable configuration expressed as a CPE value and can be added multiple times if you have different vulnerable configurations. ![](/assets/images/misp/blog/vul03.png)