Forging security teams that pull resilience forward.

Insights

Security posts from real operations.

Playbooks, intelligence methods, and engineering patterns from teams solving difficult security problems under pressure.

June 29, 2022 · MISP

MISP Purge Events Tool v0.1 Released

Operational guidance for safely purging older events in MISP, including correlation handling, benchmarks, and configuration structure.

May 10, 2022 · MISP

MISP Auto Tagging: In Organizations We Trust

A lightweight tool for automatically adding or removing local tags on MISP events from trusted organization UUIDs.

August 31, 2021 · Threat Intelligence · Incident Response

"Analysis of Competing Hypotheses" in Incident Response Cases

How ACH can reduce cognitive bias, structure evidence scoring, and improve confidence during cyber investigations.

August 17, 2020 · MISP · Phishing

Phish2MISP v.1.0 released

Automating the extraction of phishing site attributes and event creation in MISP with Python tooling.

April 7, 2020 · Detection · SOC · Metrics

MITRE ATT&CK for improved metrics and KPI on detection capabilities

How MITRE ATT&CK tactics can replace simplistic MTTD/MTTR metrics with structured, adversary-aware detection KPIs for SOC reporting.

September 3, 2019 · MISP · Vulnerability Management

Using Threat data in your vulnerability management strategy with MISP

How to use MISP threat sharing and Metasploit CVE data to prioritize vulnerability patching based on real-world exploit activity rather than CVSS scores alone.

Archive Preview · MISP Operations

Operationalizing MISP

Practical guidance for governance, enrichment, and cross-team adoption without workflow friction.