-
Hi,
Does MISP provide an API function to allow importing of IoCs to an event? I notice the MISP interface has a function to allow populating of IoCs from the freetext import function. Is there any way…
-
**Is your feature request related to a problem? Please describe.**
We have the database sink action, but it is intended to sink to external DBs. A way for users to store data local to tracecat, and …
-
Hi,
I have been using MISP a lot and I used to building my own MISP docker image from the sources but now I'm very happy to use the new production ready misp-docker.
While switching to the new d…
-
## Use case
With the UI search and Bulk search, it would be useful to search against example.com as well as example[.]com as we may receive large amounts of defanged IOCs we would like to search fo…
-
**Is your feature request related to a problem?**
Customers have constant streams of threat intel feeds which contain millions of malicious IPs or DNS or other Indicators of Compromise (IoCs).
They …
-
work out how to use something like https://msticpy.readthedocs.io/en/latest/data_analysis/IoCExtract.html to rip iocs out of any old text and make a basic sigma rule that could be basis of stix / othe…
adonm updated
4 months ago
-
Aggregate all gateway put logs into a separate index?
Or share the caputlog index with regular IOCs?
-
When running `simDetector` I get the following errors:
```
activeGroupClass::btnUp calling node btnUp
CA.Client.Exception...............................................
Warning: "Identical p…
```
-
The macros for enabling DEVSIM should be added to all existing IOCs so they are ready for Lewis even if a simulator does not exist yet.
Here is an example from the Lakeshore 336:
```
## For emula…
```
-
Intro
------
I have successfully got arm64 builds of epics-base to work.
However there are a couple of reasons not to merge this into main.
- DLS does not actually need arm64
- arm64 build…