The Malware Information Sharing Platform (MISP) tool facilitates the exchange of Indicators of Compromise (IOCs) about targeted malware and attacks within a community of trusted members. MISP is a distributed IOC database containing technical and non-technical information. Exchanging such information can result in faster detection of targeted attacks and improve the detection ratio, whilst also reducing the number of false positives.
How Our Integration Works
The Malware Information Sharing Platform (MISP) is an open source threat intelligence platform for storing, correlating and sharing Indicators of Compromise (IOCs) within a community of trusted members.
The VMRay – MISP Connector enables the automatic submission of files from MISP into VMRay. The resulting VMRay analysis results, severity scores, Indicators of Compromise (IOCs) and YARA rule matches can then be easily ingested back into MISP. These results can then be correlated with data from other sources to detect an attack early.