McHughSecurity

Cyber Security Professional

Category Frameworks

April 24, 2022

Feeding Analysis Information Leak (AIL) Framework

By A.McHugh in AIL Framework

I have been playing with CIRCL's AIL Framework recently (which I will be writing about in another blog post), but I have had an interest in monitoring Telegram channels for…

July 31, 2021

Deploying MISP on DigitalOcean or Vultr Cloud Hosting

By A.McHugh in Frameworks Tag #misp

I have found myself deploying MISP on very small instances lately, mostly to function as a clearinghouse for intelligence I have been generating. So it begs the question - Does…

May 23, 2021

Using the workflow taxonomy in MISP

By A.McHugh in MISP - Open Source Threat Intelligence Platform Tag taxonomies, workflow

In the context of MISP, intelligence handling usually requires a set of stages for that information to be handled effectively. This can be addressed procedurally through a workflow. Understanding how…

May 11, 2021

Using the Estimative Language Taxonomy in MISP

By A.McHugh in MISP - Open Source Threat Intelligence Platform

According to the MISP taxonomies listing for Estimative Language, this taxonomy is used to describe the quality and credibility of the underlying information sources, data, and methodologies as described under…

May 11, 2021

Using the Data Classification Taxonomies in MISP

By A.McHugh in MISP - Open Source Threat Intelligence Platform Tag data-classification

Data classification is broadly defined as the process of organising data by relevant categories so that it may be used and protected more efficiently. On a basic level, the classification…

May 10, 2021

Using the Course of Action Taxonomies in MISP

By A.McHugh in MISP - Open Source Threat Intelligence Platform Tag course-of-action, misp

One of the great aspects of MISP is the use of tags to give an indication of what needs to be done with an indicator within an event. Whole events…

April 27, 2021

Building Structured Threat Intelligence (STIX) from FBI notices

By A.McHugh in MISP - Open Source Threat Intelligence Platform Tag APT35, Charming Kittens

Intelligence is pretty much everywhere in unstructured formats, and this can be in informal blog posts, tweets, and even within FBI or US Treasury documents. In this article, I am…

March 20, 2021

Using MISP in an air-gapped environment

By A.McHugh in Design, MISP - Open Source Threat Intelligence Platform Tag #misp, air-gapped

MISP works really well in an internet-connected environment in gathering and creating correlations. However, in air-gapped environments the ability to query MISP for indicators is still incredibly useful, except…

February 14, 2021

Using MISP in a TraceLabs Missing Persons engagement

By A.McHugh in Blog, MISP - Open Source Threat Intelligence Platform

MISP is certainly intended to be used like this, however, with some creativity and some technical effort, the MISP Threat Intelligence Platform could be utilized as a missing person's intelligence…
