Intel 471 Partners with MISP to Drive Greater Value from Threat Intelligence

Sep 28, 2020

Integration Fuses Wealth of Threat Indicators with Extensive Cybercrime Intel; Virtual Roundtable with Walmart, McAfee and Computer Incident Response Center Luxembourg to Explore Threat Intel Experiences and Best Practices

Intel 471 is pleased to announce the release of a MISP integration with premium cybercrime feeds. MISP is an open source threat intelligence platform for gathering, sharing, storing and correlating indicators of compromise (IoCs) of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counterterrorism information.

Intel 471’s integration will give users the ability to maximize the value of our data without unmanageable complexity. Our data is stored in a structured manner and provides correlated and automated exports for IDS or SIEM in a range of formats including STIX, STIX2, OpenIOC and CSV. The integration also facilitates enhanced correlation through the use of MISP galaxies and Intel 471 tagging.

Intel 471 now offers the following MISP feeds and modules:

  • Vulnerability: Reports and structured data objects for all common vulnerabilities and exploits (CVEs) we report on that are being weaponized and productized in the underground.
  • Malware: In-depth technical malware intelligence reports with ongoing tracking and a near real-time feed of the latest and historic IOCs for more than 30 malware families.
  • Malware (Freemium): As above but complimentary access for three of the malware families we monitor:
    • Azorult
    • Emotet
    • Vidar
  • Bulletproof Hosting: Near real-time feed of IOCs associated with providers that we track. (Coming Soon)
  • Adversary: Actor-centric intelligence combining field-based intelligence collection and headquartered-based analysis. (Coming Soon)

Please join Intel 471 and industry leaders in MISP from Computer Incident Response Center Luxembourg (CIRCL), McAfee and Walmart for an interactive roundtable discussion about MISP and its benefits Oct. 8, 2020 at 3:00 p.m. CET/ 9:00 a.m. EDT. Topics discussed will include the value of integrating different data sets, qualification and refinement of data, business value of MISP and more. With the release of our Freemium MISP version, attendees can be some of the first to request access to our feeds. Register here

For more information on MISP, please contact moc.174letni@spihsrentrap.

About Intel 471

Intel 471 is the premier provider of cybercrime intelligence for leading intelligence, security and fraud teams. Our adversary intelligence is focused on infiltrating and maintaining access to closed sources where threat actors collaborate, communicate and plan cyberattacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malware and adversary infrastructure. Our pedigree is unmatched, built on experience from operating in the intelligence services, military, law-enforcement and private companies across the globe. We protect your organization, products, assets and people. For more information: https://www.intel471.com/