//Publications - 05 November 2021

MISP Quick start guide

Introduction

You have been given access to our MISP platform, where we share a curated feed of threat intelligence gathered from multiple sources, and our own malware and threat analysis.

This guide has been prepared by AusCERT for users of the Malware Information Sharing Platform (MISP)

This guide contains the following sections:

  • Gaining access to the MISP platform
  • Locating the online user guides

 

Gaining Access to MISP

Logging in for the first time

After AusCERT has received your technical schedule your MISP user account will be provisioned.

  • You will receive a MISP new user registration email from AusCERT. This message will contain your username and default password, along with the URL of the MISP instance.

  • Visit the MISP instance and login using the credentials contained within the MISP new user registration email from AusCERT.

 

 

  • Upon first log in you will be prompted to change the password, generate a strong password using the following guidelines:
    • Minimum length of 8 characters;
    • Include a-z, A-Z, 0-9;
    • No special characters allowed.

 

 

 

 

Guides and resources

MISP provides extensive documentation on how to use MISP within it's own user interface.

  • Whilst logged into the MISP instance, click Global Actions -> User Guide from the drop-down menu.

 

Quick Start - https://www.circl.lu/doc/misp/quick-start/

Includes basic information on how to create events, browse past events, export events and information on tagging

General Layouthttps://www.circl.lu/doc/misp/general-layout/

Includes information on navigating the main functions of MISP, describing the top and side bar components

Using the System - https://www.circl.lu/doc/misp/using-the-system/

Includes detailed information on how to create events, browse past events, updating and editing events, tagging, automation, exporting data, connecting to other instances and the REST API.

Administrationhttps://www.circl.lu/doc/misp/administration/

Includes information on administration aticities such as users, organisations, roles, server settings and various other tips and tricks.