You have been redirected from paterva.com. Maltego.com is the new home for all information regarding Maltego products. Read more about this in a message from the Paterva team and in this blog post and FAQ. close
home Transform Hub data categories - Blockchain

ATT&CK - MISP

By MISP Project
Blockchain Breaches and Leaks CERT Cryptocurrency Fraud

MISP and MITRE ATT&CK Transforms for Maltego

MISP is a threat intelligence platform for sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or evencounter-terrorism information.

MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.

With MISP and MITRE ATT&CK Entities and Transforms, investigators may query data from a MISP Threat Sharing instance, browse through other MISP events, attributes, objects,tags, and galaxies. A typical workflow may involve:

  • Querying a MISP instance for Events that include a given IOC
  • Pivoting a MISP Event into it’s attributes, objects, tags, galaxies and/or related Events
  • Exploring further details from Galaxies and related Events
  • Categorizing available related information within the MITRE ATT&CK framework.

The Maltego MISP integration also permits visualisation of the full MITRE ATT&CK framework. For ATT&CK visualization no MISP API keys are needed. To access a MISP instance users typically need to authenticate.

Note: This set of transforms is open source and can be downloaded or also be installed as local transform. More information is available on the project’s Github page.

Please read the disclaimer before using.

If you are not yet a member of a MISP community, see: https://www.misp-project.org/communities/

Typical users of this data

  • Threat Intel Teams
  • Security Analysts
  • SOCs and CERTs
  • Red Teams and Penetration Testers
  • Incident Response
  • Trust and Safety Teams

Pricing & Access

Pricing Tier: Free

Hub Type: Commercial Hub and Community Hub

Requirements: All Maltego editions

Access: Install directly from Transform Hub on Maltego Desktop Client

Contact


By clicking on "Send Message", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

About MISP Project

MISP is a threat intelligence platform for sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or evencounter-terrorism information.

MISP is a community-driven project lead by the community of users.

For more info, visit: https://www.misp-project.org/

Pick the right product and get started.