Misp

Description

The MISP Threat Sharing project consists of multiple initiatives, from software to facilitate threat analysis and sharing to freely usable structured Cyber Threat Information and Taxonomies.

Configuration

M&NTIS MISP comes pre-configured by the platform. There are two feeds enabled by default on startup: the CIRCL one and the feed from CERT-FR ANSSI.

Accounts

There is two different accounts. Both of them are administrators. The first one is the main one: admin@admin.test:Admin_misp!!. The second one is used as a service account: api_user@mantis.lan, which offers the following Authorization key, used to request the MISP server with HTTP API : CRMApGxEjQ1RvNaCGmykzbgGXalWJnWIiEWBNTIS.

Usage

You can access the MISP server either from the lab by connecting to https://misp.lan or by accessing the proxy link from your machine directly.