mirror of https://github.com/MISP/misp-website
grammar check
parent
9d8720aa42
commit
b5a3fe910f
|
@ -7,24 +7,24 @@ featured: /assets/images/misp-small.png
|
||||||
# Using MISP to share vulnerability information efficiently
|
# Using MISP to share vulnerability information efficiently
|
||||||
|
|
||||||
Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process
|
Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process
|
||||||
can be tedious as it is often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators,
|
can be tedious as it often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators,
|
||||||
editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being
|
editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being
|
||||||
officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or
|
officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or
|
||||||
CNA (CVE Numbering Authorities).
|
CNA (CVE Numbering Authorities).
|
||||||
|
|
||||||
As MISP provides the complete list of functionalities facilitating thesharing of information, sharing and collaborating on security vulnerabilities
|
As MISP provides the complete list of functionalities facilitating the sharing of information, sharing and collaborating on security vulnerabilities
|
||||||
within a trusted group is as easy as sharing indicators.
|
within a trusted group is as easy as sharing indicators.
|
||||||
|
|
||||||
## MISP Objects
|
## MISP Objects
|
||||||
|
|
||||||
MISP objects provide a flexible way to describe combined information using a simple templating system. There is already a vulnerability
|
MISP objects provide a flexible way to describe combined information using a simple templating system. There is already a vulnerability
|
||||||
object which covers the most common cases used by organisations such as CSIRTs, security team or security assessment team. But if you
|
object which covers the most common cases used by organisations such as CSIRTs, security teams or security assessment teams. If you
|
||||||
have a specific use-case of vulnerability information to share, a MISP object can be built from a template in a matter of minutes.
|
have a specific use-case of vulnerability information to share, a MISP object can also be built from a custom template in a matter of minutes.
|
||||||
|
|
||||||
# How to share vulnerability information within MISP to a trusted group
|
# How to share vulnerability information within MISP to a trusted group
|
||||||
|
|
||||||
Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more
|
Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more
|
||||||
vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as classification
|
vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as a classification
|
||||||
or a generic description.
|
or a generic description.
|
||||||
|
|
||||||
![](/assets/images/misp/blog/vul01.png)
|
![](/assets/images/misp/blog/vul01.png)
|
||||||
|
@ -34,7 +34,7 @@ a vulnerability object can be added to describe the vulnerability.
|
||||||
|
|
||||||
![](/assets/images/misp/blog/vul02.png)
|
![](/assets/images/misp/blog/vul02.png)
|
||||||
|
|
||||||
The vulnerability object is composed of various attributes such as vulnerable configuration expressed as a CPE value and
|
The vulnerability object is composed of various attributes such as the vulnerable configuration expressed as a CPE value and
|
||||||
can be added multiple times if you have different vulnerable configurations.
|
can be added multiple times if you have different vulnerable configurations.
|
||||||
|
|
||||||
![](/assets/images/misp/blog/vul03.png)
|
![](/assets/images/misp/blog/vul03.png)
|
||||||
|
|
Loading…
Reference in New Issue