MISP
Open Source Threat Intelligence and Sharing Platform

MISP is an open source threat intelligence platform designed for collecting, storing, distributing, and sharing cybersecurity indicators and threat data. It enables security analysts, incident responders, and malware researchers to collaborate by sharing structured threat information with trusted partners and communities. The platform supports automated exports to IDS and SIEM tools, correlation of indicators of compromise, and a rich taxonomy and galaxy system for classifying threats.
MISP stores indicators of compromise (IOCs) in a structured format, correlates them automatically, and synchronizes threat data across interconnected MISP instances and communities using open standards like STIX and OpenIOC.
Security analysts, incident responders, and cybersecurity professionals
Background.
- Status
- launched
- Business model
- open-source
- Company
- CIRCL (Computer Incident Response Center Luxembourg)
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.