Integrating Threat Indicators with MISP and Splunk Enterprise Security

Description

Integrating COVID (or Any) Threat Indicators from Malware Information Sharing Platform (MISP) in Enterprise Security.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring

Category

Threat Intelligence

Alert Volume

Integrating COVID (or Any) Threat Indicators from Malware Information Sharing Platform (MISP) in Enterprise Security.

SPL Difficulty

Low

Journey

Stage 3

Data Sources

Endpoint Detection and Response
Network Communication
Web Proxy

   Integrating COVID (or Any) Threat Indicators with MISP and Splunk Enterprise Security

Full details on how to implement this use case can be found in the Splunk Blog "Integrating COVID (or Any) Threat Indicators with MISP and Splunk Enterprise Security". Use the link below to get the full details.

Learn More...