Posted: 15th April 2022

Product Overview

MISP is an open source threat intelligence platform for gathering, sharing, storing and correlating indicators of compromise (IoCs) of targeted attacks, threat intelligence, financial fraud information, vulnerability information, or even counter-terrorism information. Integrating Recorded Future’s security intelligence data into MISP makes operationalizing your intelligence easier than ever.

Challenges Overcome Through Integration

The MISP and Recorded Future integration empowers organizations IOC risk lists ingested as feeds and external, real-time risk scores, enabling your team to act faster, with greater confidence and context. Integrating Recorded Future also gives analysts the ability to operationalize and curate indicators of compromise from a single location, based on Recorded Future evidence-based insights. This ensures the right intelligence is in the right place, at the right time for proactive and informed threat detection, prevention, and hunting.

The MISP and Recorded Future integration empowers your organization to:

  • Respond quickly with transparency and context
  • Maximize investments in existing security tools
  • Improve security team efficiency
  • Reduce manual research time

Integration Description

Analysts are expected to gain and maintain situational awareness of their external threat landscape, but this requires manually consolidating and integrating an overwhelming amount of threat data into security technologies, teams, and processes. That takes valuable time, which slows detection and analysis of true threats. Recorded Future for MISP enables analysts to detect more threats and respond faster by integrating elite security intelligence into their existing TIP solution.

The MISP and Recorded Future integration puts unprecedented security intelligence data at analysts fingertips on a scheduled basis, including:

  • IP, domain, hash, URL, and vulnerability risk lists
  • Risk scores
  • Risk rules triggered
  • Mitre ATT&CK mappings
  • Mappings to MISP galaxies including related actors and malware families