grammar check

pull/3/head
Christophe Vandeplas 2018-01-11 08:44:18 +01:00
parent 9d8720aa42
commit b5a3fe910f
1 changed files with 6 additions and 6 deletions

View File

@ -7,24 +7,24 @@ featured: /assets/images/misp-small.png
# Using MISP to share vulnerability information efficiently # Using MISP to share vulnerability information efficiently
Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process
can be tedious as it is often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators, can be tedious as it often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators,
editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being
officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or
CNA (CVE Numbering Authorities). CNA (CVE Numbering Authorities).
As MISP provides the complete list of functionalities facilitating thesharing of information, sharing and collaborating on security vulnerabilities As MISP provides the complete list of functionalities facilitating the sharing of information, sharing and collaborating on security vulnerabilities
within a trusted group is as easy as sharing indicators. within a trusted group is as easy as sharing indicators.
## MISP Objects ## MISP Objects
MISP objects provide a flexible way to describe combined information using a simple templating system. There is already a vulnerability MISP objects provide a flexible way to describe combined information using a simple templating system. There is already a vulnerability
object which covers the most common cases used by organisations such as CSIRTs, security team or security assessment team. But if you object which covers the most common cases used by organisations such as CSIRTs, security teams or security assessment teams. If you
have a specific use-case of vulnerability information to share, a MISP object can be built from a template in a matter of minutes. have a specific use-case of vulnerability information to share, a MISP object can also be built from a custom template in a matter of minutes.
# How to share vulnerability information within MISP to a trusted group # How to share vulnerability information within MISP to a trusted group
Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more
vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as classification vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as a classification
or a generic description. or a generic description.
![](/assets/images/misp/blog/vul01.png) ![](/assets/images/misp/blog/vul01.png)
@ -34,7 +34,7 @@ a vulnerability object can be added to describe the vulnerability.
![](/assets/images/misp/blog/vul02.png) ![](/assets/images/misp/blog/vul02.png)
The vulnerability object is composed of various attributes such as vulnerable configuration expressed as a CPE value and The vulnerability object is composed of various attributes such as the vulnerable configuration expressed as a CPE value and
can be added multiple times if you have different vulnerable configurations. can be added multiple times if you have different vulnerable configurations.
![](/assets/images/misp/blog/vul03.png) ![](/assets/images/misp/blog/vul03.png)