MISP | Recorded Future

Product Overview

MISP is an open source threat intelligence platform for gathering, sharing, storing and correlating indicators of compromise (IoCs) of targeted attacks, threat intelligence, financial fraud information, vulnerability information, or even counter-terrorism information. Integrating Recorded Future’s security intelligence data into MISP makes operationalizing your intelligence easier than ever.


Challenges Overcome Through Integration

The MISP and Recorded Future integration empowers your team with the context required to make faster, more confident decisions. Access rich external context, IoC risk lists ingested as feeds, and an enrichment module directly within MISP to operationalize and curate IoCs from a single location. This positions the right intelligence in the right place at the right time for proactive and informed threat detection, prevention, and hunting.

The MISP and Recorded Future integration empowers your organization to:

  • Respond quickly with transparency and context
  • Maximize investments in existing security tools
  • Improve security team efficiency
  • Reduce manual research time

Integration Description

Analysts are expected to gain and maintain situational awareness of their external threat landscape, but this requires manually consolidating and integrating an overwhelming amount of threat data into security technologies, teams, and processes. That takes valuable time, which slows detection and analysis of true threats. Recorded Future for MISP enables analysts to detect more threats and respond faster by integrating elite security intelligence into their existing TIP solution.

The MISP and Recorded Future integration puts unprecedented security intelligence data at analysts' fingertips on a scheduled basis, including:

  • IP, domain, hash, URL, and vulnerability risk lists
  • Risk scores
  • Risk rules triggered
  • MITRE ATT&CK mappings
  • Mappings to MISP galaxies including related actors and malware families