Threats

MISP - Threat Intelligence

The ics-csirt.io threat information and intelligence is powered by MISP. Events and attributes are classified with vocabularies, such as the ICS taxonomy and the ATT&CK galaxy. Access to MISP allows you to sync with your own server or download it in various formats such as CSV, JSON, text or STIX. You can also download filter lists for your firewall, proxy server or DNS server.

The access conditions are described on the contact page.

Contact cudeso.be for support to set up MISP as a threat intelligence platform (TIP) for your ICS or industrial environment.

  • Threat data and information
  • Incident detection
  • Proxy filter list
  • DNS block lists