Synchronize CrowdStrike with MISP
MISP is an open-source software solution for collecting, storing, distributing, and sharing cyber security indicators and threat information from incident analysis and malware analysis. It fosters the sharing of structured information within the security community and beyond. MISP provides functionality to support the exchange of information and also its consumption by Network Intrusion Detection Systems (NIDS), LIDS, log analysis tools, and SIEMs.
CrowdStrike consumes IOCs and also produces threat intelligence that you can add to MISP. DTonomy provides tools and a set of solutions that enable you to create bidirectional synchronization between CrowdStrike and MISP.
The core functionalities include:
- Ingest MISP IOCs into CrowdStrike.
- Import adversaries, indicators, or reports from CrowdStrike Falcon X into your MISP instance, going back a specified number of days.