MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

grammar check

pull/3/head
Christophe Vandeplas 2018-01-11 08:44:18 +01:00
parent 9d8720aa42
commit b5a3fe910f
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md
View File

@ -7,24 +7,24 @@ featured: /assets/images/misp-small.png
# Using MISP to share vulnerability information efficiently
Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process
can be tedious as it is often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators,
can be tedious as it often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators,
editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being
officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or
CNA (CVE Numbering Authorities).
As MISP provides the complete list of functionalities facilitating thesharing of information, sharing and collaborating on security vulnerabilities
As MISP provides the complete list of functionalities facilitating the sharing of information, sharing and collaborating on security vulnerabilities
within a trusted group is as easy as sharing indicators.
## MISP Objects
MISP objects provide a flexible way to describe combined information using a simple templating system. There is already a vulnerability
object which covers the most common cases used by organisations such as CSIRTs, security team or security assessment team. But if you
have a specific use-case of vulnerability information to share, a MISP object can be built from a template in a matter of minutes.
object which covers the most common cases used by organisations such as CSIRTs, security teams or security assessment teams. If you
have a specific use-case of vulnerability information to share, a MISP object can also be built from a custom template in a matter of minutes.
# How to share vulnerability information within MISP to a trusted group
Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more
vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as classification
vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as a classification
or a generic description.
![](/assets/images/misp/blog/vul01.png)
@ -34,7 +34,7 @@ a vulnerability object can be added to describe the vulnerability.
![](/assets/images/misp/blog/vul02.png)
The vulnerability object is composed of various attributes such as vulnerable configuration expressed as a CPE value and
The vulnerability object is composed of various attributes such as the vulnerable configuration expressed as a CPE value and
can be added multiple times if you have different vulnerable configurations.
![](/assets/images/misp/blog/vul03.png)