Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Is it possible to feed MISP with CrowdSec’s IOC lists?
Do you mean like this? https://github.com/crowdsecurity/misp-modules
You might consider misp feed https://github.com/MISP/PyMISP/tree/main/examples/feed-generator, basically it’s the best way to collect IOCs and import them into a MISP instance. These feeds help to correlate IOCs without manually launching the MISP module every time for each IOC, this also reduce the workload on your API servers as the list is cached locally on the MISP and updated every day.
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.
Related posts
- A recent abrupt change in Internet SSH brute force attacks against us
- Threat intelligence IOC enrichments?
- MISP at scale on Kubernetes
- Have you ever tried to create your own module by following the guide in the github repo "misp-modules"?
- Threat Intel with MITRE ATT&CK - how to document progress