Cyber threats, threat intelligence, and MISP — straight from the field.

Posts

Insights and Updates from eCrimeLabs

tags: MISP, Threat Intelligence

Operationalizing MISP with Cratos API

How the Cratos FastAPI proxy closes the gap between intelligence in MISP and the security controls that need to act on it — without exposing credentials or context.


tags: MISP

MISP Purge Events Tool

Operational guidance for safely purging older events in MISP, including correlation handling, benchmarks, and configuration structure.


tags: MISP

MISP Auto Tagging: In Organizations We Trust

A lightweight tool for automatically adding or removing local tags on MISP events from trusted organization UUIDs.


tags: Threat Intelligence, Incident Response

"Analysis of Competing Hypotheses" in Incident Response Cases

How ACH can reduce cognitive bias, structure evidence scoring, and improve confidence during cyber investigations.


tags: MISP, Phishing

Phish2MISP v.1.0 released

Automating the extraction of phishing site attributes and event creation in MISP with Python tooling.


tags: Detection, SOC, Metrics

MITRE ATT&CK for improved metrics and KPI on detection capabilities

How MITRE ATT&CK tactics can replace simplistic MTTD/MTTR metrics with structured, adversary-aware detection KPIs for SOC reporting.


tags: MISP, Vulnerability Management

Using Threat data in your vulnerability management strategy with MISP

How to use MISP threat sharing and Metasploit CVE data to prioritize vulnerability patching based on real-world exploit activity rather than CVSS scores alone.
