MISP
Tool and Usage
Project details
- License: AGPL 3.0
- Programming language: PHP
- Author: Christophe Vandeplas
- Latest release: 2.5.2
- Latest release date
Project health
Why this tool?
MISP collects, stores, and distributes security indicators and discovered threats. This makes the platform useful for those involved with security incidents and malware research. Users benefit from having a well-tested platform to structure the vast number of data points available when it comes to security threats. The tooling allows interaction with other tools, like security information and event management (SIEM) and intrusion detection systems (IDS).
Usage and audience
MISP is commonly used for fraud detection, information gathering, or threat hunting. Target users for this tool are security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- More than 50 contributors
- The source code of this software is available
Installation
Supported operating systems
MISP is known to work on Linux.
MISP alternatives
Similar tools to MISP:
HELK
HELK is short for The Hunting ELK, containing Elasticsearch, Logstash, and Kibana. It has advanced analytic capabilities for threat hunting.
sqhunter
Sqhunter performs threat hunting in your environment. It runs on the salt master node and queries open network sockets, among other information.
CHIRON ELK
CHIRON provides network analytics based on the ELK stack, with threat detection.
Related tool information
Categories
This tool is categorized as a network threat detection tool and threat hunting tool.