Introduction

User guide for MISP (Malware Information Sharing Platform) - An Open Source Threat Intelligence Sharing Platform. This user guide is intended for ICT professionals such as security analysts, security incident handlers, or malware reverse engineers who share threat indicators using MISP or integrate MISP into other security monitoring tools. The user guide includes day-to-day usage of the MISP's graphical user interface along with its automated interfaces (API), in order to integrate MISP within a security environment.

Acknowledgement

The MISP user guide is a collaborative effort between all the contributors to MISP including:

• Belgian Ministry of Defence (CERT)
• CIRCL Computer Incident Response Center Luxembourg
• Iklody IT Solutions
• NATO NCIRC
• Cthulhu Solutions
• CERT-EU

and many other contributors especially the ones during the MISP hackathons.

Contributing

We welcome contributions to the MISP book. If you want to contribute, fork the misp-book repository and pull a request with your changes. You can also open issues if you find any errors or propose changes.

License

The MISP user guide is dual-licensed under GNU Affero General Public License version 3 and CC-BY-SA 4.0 international.

• Copyright (C) 2012 Christophe Vandeplas
• Copyright (C) 2012 Belgian Defence
• Copyright (C) 2012 NATO / NCIRC
• Copyright (C) 2013-2018 Andras Iklody
• Copyright (C) 2015-2018 Alexandre Dulaunoy
• Copyright (C) 2014-2018 CIRCL - Computer Incident Response Center Luxembourg
• Copyright (C) 2018 Camille Schneider
• Copyright (C) 2018 Steve Clement