What misp can do: List of MISP capabilities #289
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… threat intelligence platform
|
Thanks we will do a quick review internally and merge it soon. Thanks again for the contribution! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This works serves as a reply to MISP/MISP#9005 issue.
To summarize, it's a list of questions
Is MISP capable of ...about interesting feature that might be desired in a threat intelligence platform. It provides interesting information about MISP capabilities.This list of questions were shared in MISP-gitter chat by MG-Misper and answered partially by @iglocska.
Although the questions were really interesting, the answer didn't bring any information on the way to set it up (yes/no answers). Moreover, some @iglocska 'yes' answer to some question are still confused to me on how concretely to set it up.
The answers that i've made will try to both say if it's currently supported and then describe how in practice this feature is available (how to proceed to get things up).
It's really probable that i've made documentation duplicate as i wanted to detail as much as possible the way to concretely make it available. (I know its against the contributing rules but i made it for purpose )
For each questions i've tried to add as much as possible references to the documentation to help the reader to found additional informations.
Answers labbeled with [NOT DONE] tag need to be completed as they do not give much detail about the way in practice to get this feature up. After the label, there are complementary informations/suggestions to precise what other infos should be added to make the answer clearer.