This update provides the following new functionality:
Maps CrowdStrike adversaries to the MISP Threat Actor galaxy. Existing adversaries are identified within the current galaxy, and new galaxy clusters are create for adversaries that are not present. These threat actors are removed as part of adversary delete operations.
Maps target sectors to the MISP Sector galaxy.
Maps target regions to the MISP Regions M49 galaxy.
Maps target countries to the MISP Countries galaxy.
Dramatically expands malware identification by looking up malware in additional MISP galaxies. The galaxy.ini file is still leveraged to override undesired matches by forcing a galaxy mapping.
Resolves the publishing issue for Malware / Indicator type events. Closes #123.
This update provides the following new functionality:
galaxy.ini
file is still leveraged to override undesired matches by forcing a galaxy mapping.