-
Notifications
You must be signed in to change notification settings - Fork 1
Home
chackco edited this page Feb 22, 2021
·
14 revisions
Welcome to the TM-MISP wiki!
TM-MISP project was created to joint Trend Micro CTD with MISP platform which will serve as bridge to synchronize IOC object from MISP to Trend Micro Apex Central (i.e. SHA-1 hash, URL, IP or Domain) and Deep Security/Cloud One Workload Security (i.e. SHA256). It can also synchronize virtual analyzer suspicious object back to MISP platform via CSV feed (SHA-1, SHA256, URL, IP and Domain)
- Testing with MISP v.24.126@150b66d VMDK edition
- Download MISP VMDK (or other format) from https://www.circl.lu/misp-images/latest/ i.e. Download file MISP_vX.X@YYYYY-VMware.zip
- Extract zip file and run VMware workstation, boot up waiting IP address (DHCP) i.e. 192.168.0.100
- Test log in using SSH to MISP using user/pass = misp/Password1234
- Test Open browser to https://IP_of_MISP i.e. https://192.168.0.100
- Login with admin@admin.test/admin
- Change password
-
MISP IOC Sync to Trend Micro Product, See
Automatic Install or Automatic Update on Right hand side menu -
Trend Micro Virtual Analyzer Suspicious Object (IOC) Sync to MISP, See Add on Sync DDD VASO to MISP feed on Right hand side menu
[ TM-MISP Project ]