MISP - Threat Intelligence

The ICS threat data is powered by MISP, the Open Source Threat Intelligence Platform. Access to MISP gives you insight in the latest threats for ICS. The data in MISP is classified with vocabularies, such as the ICS taxonomy and the ATT&CK galaxy.

This MISP setup is in 'proof-of-concept' mode, it's not yet ready for production.

Access to MISP allows you to sync the data with your own server or download the threat data in various formats such as CSV or text format but also in the form of detection packages for Loki and IDS devices. Obviously you can also download filtering lists for your firewall, proxy server or DNS server.

  • Threat data
  • Detection packages
  • Proxy filter list
  • DNS block lists