MISP

LSE top 10LSE top 10MISP (4)MISP (4)

Tool and Usage

Project details

License
AGPL 3.0
Programming language
PHP
Author
Christophe Vandeplas
Latest release
2.4.189
Latest release date

Project health

100
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

MISP collects, stores, and distributes security indicators and discovered threats. This makes the platform useful for those involved with security incidents and malware research. Users benefit from having a well-tested platform to structure the vast number of data points available when it comes to security threats. The tooling allows interaction with other tools, like security incident and event management (SIEM) and intrusion detection systems (IDS).

Usage and audience

MISP is commonly used for fraud detection, information gathering, or threat hunting. Target users for this tool are security professionals.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 50 contributors
  • + The source code of this software is available

Author and Maintainers

MISP was created by Christophe Vandeplas. Currently the project is managed by Andras Iklody.

Contributors

Installation

Supported operating systems

MISP is known to work on Linux.

MISP alternatives

Similar tools to MISP:

64

HELK

HELK is short for The Hunting ELK, containing Elasticsearch, Logstash, and Kibana. It has advanced analytic capabilities for threat hunting.

64

sqhunter

Sqhunter performs threat hunting in your environment. It runs on the salt master node and queries open network sockets, among other information.

64

CHIRON ELK

CHIRON is a tool to provide network analytics based on the ELK stack with threat detection. Learn how it works in this review.

All MISP alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.