Skip to content

About MISP Integration#

This topic explains how the malware information sharing platform (MISP) integrates with TheHive.

Upgrading MISP from 2.4.x to 2.5.x

If you have upgraded MISP from version 2.4.x to 2.5.x, ensure that you update the database configuration in MISP to avoid potential issues.

What's MISP?#

MISP is an open-source threat intelligence platform designed to improve the sharing of structured threat information. This includes indicators of compromise (IOCs), tactics, techniques, procedures (TTPs), and other relevant data.

MISP enables organizations to share, store, and correlate security information to enhance their cybersecurity efforts and collaborate with other organizations or threat intelligence communities.

Connections with TheHive#

TheHive integrates with MISP in several ways:

Permissions#

Required permissions for managing MISP server connections

Only users with an admin-type profile that has the managePlatform permission can manage MISP server connections in TheHive.

Next steps