From cfdc49d3505f251530ca55d535bcecb3bb9f2f04 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 27 Mar 2020 11:14:20 +0100 Subject: [PATCH] chg: [cogsec] some url fixed --- ...2020-03-27-cogsec-collab-misp-community.md | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/_posts/2020-03-27-cogsec-collab-misp-community.md b/_posts/2020-03-27-cogsec-collab-misp-community.md index 7fc9069..414709c 100644 --- a/_posts/2020-03-27-cogsec-collab-misp-community.md +++ b/_posts/2020-03-27-cogsec-collab-misp-community.md @@ -4,11 +4,9 @@ title: Cogsec Collab MISP Community authors: - VVX7 date: 2020-03-26 -math: true -draft: false -diagram: true tags: ["Disinformation", "Information Operations", "Cognitive Security", "MISP", "Threat Intelligence"] categories: [] +featured: /assets/images/cogsec/amitt.png image: placement: 3 caption: '' @@ -20,13 +18,13 @@ The below article has been kindly contributed by VVX7 (@VV\_X\_7 on twitter) on *\- the MISP-Project team* -## A community dedicated to information operations +# A community dedicated to information operations We're proud to announce the CogSec Collab MISP Community - the first public MISP sharing group dedicated to misinformation and information campaigns. Our community seeks to connect misinformation researchers and responders by providing tools to streamline investigation and reporting on disinformation and information campaigns. By making our MISP instance available to the community we're enabling researchers to generate and share information operations data in MISP JSON or STIX format at just a click of a drop-down menu. -We look forward to working with our partners to provide access to disinformation documentation and sharing standards, indicators, countermeasures and playbooks. +We look forward to working with our partners to provide access to disinformation documentation and sharing standards, indicators, countermeasures and playbooks. Send us an email to request access. @@ -43,28 +41,27 @@ At its core MISP is an automated correlation engine. It assists analysts in fin ## AM!TT Misinformation Pattern Galaxy -{{< figure src="galaxy_list.png" title="Descriptions of AMITT Techniques in the MISP Misinformation Pattern Galaxy." >}} +{{< figure src="/assets/images/cogsec/galaxy_list.png" title="Descriptions of AMITT Techniques in the MISP Misinformation Pattern Galaxy." >}} Our first achievement was the integration of the [AM!TT Framework](https://github.com/misinfosecproject/amitt_framework) as a [MISP Galaxy](https://www.misp-project.org/galaxy.html#_misinformation_pattern). It contains the tags and definitions needed for describing the misinformation tactics and techniques present in a specific information operation. ## AM!TT Navigatord -{{< figure src="amitt.png" title="The MISP Project kindly developed this built-in technique navigator." lightbox="true" >}} +{{< figure src="/assets/images/cogsec/amitt.png" title="The MISP Project kindly developed this built-in technique navigator." lightbox="true" >}} -Applying the AM!TT galaxy information to an event must be easy in order to encourage use by already overburdened information researchers. The MISP Project developers kindly created an inline AM!TT Navigator to respond to this need for conveniently tagging events with AM!TT techniques. +Applying the AM!TT galaxy information to an event must be easy in order to encourage use by already overburdened information researchers. The MISP Project developers kindly created an inline AM!TT Navigator to respond to this need for conveniently tagging events with AM!TT techniques. With this tool, analysts can simply click on the relevant techniques found in a report or sighting to include that information in the misinformation event data. ## DFRLab Dichotomies of Disinformation -{{< figure src="dfrlab.png" title="Atlantic Council's DFRLab Dichotomies of Disinformation" lightbox="true" >}} +{{< figure src="/assets/images/cogsec/dfrlab.png" title="Atlantic Council's DFRLab Dichotomies of Disinformation" lightbox="true" >}} Also included in the CogSec Collab MISP is [Atlantic Council's DFRLab](https://www.atlanticcouncil.org/programs/digital-forensic-research-lab/) [Dichotomies of Disinformation](https://github.com/DFRLab/Dichotomies-of-Disinformation) which is a new standard for describing information campaigns that can be used alone or in complement to the AM!TT framework. -The work of the DFRLab is included in MISP as a Taxonomy - a set of machine tags for describing indicators and events. - +The work of the DFRLab is included in MISP as a Taxonomy - a set of machine tags for describing indicators and events. ## Future Work