Skip to content
English
Go to Mercury
  • There are no suggestions because the search field is empty.

How do I access QuoIntelligence's MISP?

This article will walk you through the steps needed to access and utilize our MISP node to enhance your SIEM (Security Information and Event Management) use cases.

Welcome to QuoIntelligence's MISP Access service!

Overview of MISP Premium Access

Our MISP instance is designed to provide you with top-tier threat intelligence by aggregating the most reliable OSINT (Open Source Intelligence) feeds and enriching them with our proprietary, in-house curated data. By leveraging our MISP node, you can streamline your threat detection processes, gain critical insights into cyber threats, and optimize your overall cybersecurity strategy.

Key Benefits:

  • In-Depth Analysis & Reporting: Receive detailed analysis and customized reports to support your strategic planning and decision-making processes.
  • Enhanced Threat Intelligence: Understand your adversaries, their motivations, and capabilities, and compare them against your attack surface for a comprehensive risk assessment.
  • Efficient Threat Response: Respond more rapidly to genuine threats by filtering out false positives and prioritizing alerts, reducing your organization's exposure to significant breaches.
  • Resource Optimization: Save time and resources by leveraging our MISP infrastructure, eliminating the need to set up and maintain your own MISP node.
  • Improved Organizational Communication: Strengthen communication, planning, and investment within your organization by focusing on real threats and protecting high-risk assets.

Accessing the MISP Instance

Follow these steps to access our MISP node and start integrating it into your SIEM workflows:

Step 1: Account Setup

  1. Request Access: Contact your customer success manager or our support team to request access to our MISP instance. You will receive an email containing your login credentials and a link to QuoIntelligence's MISP portal.

  2. Login to the Portal: Use the provided credentials to log in to our MISP portal. The login page can be accessed through the link provided in your welcome email.  You can also access QuoIntelligence's MISP via this link.

  3. Password Change: Upon first login, you will be prompted to change your password. Ensure that you choose a strong, unique password to secure your account.

Step 2: Exploring the Dashboard

  1. Familiarize Yourself with the Interface: Once logged in, you will be presented with the MISP dashboard. Take some time to explore the various sections such as events, attributes, galaxies, and tags.

  2. Customizing Your Feed: Customize the threat intelligence feed according to your organization's specific needs. You can filter feeds, subscribe to specific sources, or create alerts for particular threat types.

Step 3: Integrating with Your SIEM

  1. API Access: To integrate MISP with your existing SIEM solution, you will need to access the MISP API. The API keys and documentation can be found under the "Automation" section in the MISP dashboard.

    ⚠️ Remember you will need Synch rights to perform SIEM integrations. Ask for them at the moment of activation directly to your Customer Success Manager or our support team.

  2. Configure Data Sharing: Set up data sharing between MISP and your SIEM by configuring the API settings in your SIEM tool. This will enable automatic ingestion of threat data from MISP into your SIEM for real-time analysis and alerting.

  3. Test the Integration: After configuration, conduct a test to ensure that the data flow between MISP and your SIEM is working correctly. Check that alerts and events are being correctly logged and processed.