The ics-csirt.io threat intelligence is powered by MISP, the Open Source Threat Intelligence Platform. The data in MISP is classified with vocabularies, such as the ICS taxonomy and the ATT&CK galaxy.

Access to MISP allows you to sync the intelligence with your own server or download it in various formats such as CSV, JSON, text or STIX. You can also download filter lists for your firewall, proxy server or DNS server.

Feel free to reach out to cudeso.be if you require support for setting up MISP as a threat intelligence platform (TIP) for your ICS or industrial environment.