MISP Project (@misp@misp-community.org) reposted this
🏹 New #KQL queries! ➡️ Get to know your MISP threat intelligence feed 🔗 https://lnkd.in/dQd2XQSk

💡 If you are aggregating a MISP Project (@misp@misp-community.org) instance for your threat intelligence feed in Microsoft Sentinel (or Unified SecOps), then your ThreatIntelligenceIndicator table will be able to provide some fruitful numbers on how your MISP is overall contributing. The following queries are some ideas that will allow you an overall better understanding of your MISP feed.

😊 Hey, if you enjoyed this query please consider landing a ⭐ at my KQL repo: 🔗 https://lnkd.in/dKqxrnqR

#MicrosoftSecurity #KustoQuery #KustoQueryLanguage #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #MISP #ThreatIntel #ThreatIntelligence #CyberThreatIntelligence #CTI
🚀 Great to see the new developments around queries! Your insights into aggregating MISP Projects for threat intelligence are incredibly valuable, especially for those of us using Microsoft Sentinel. It’s fascinating how you highlighted the potential of the ThreatIntelligenceIndicator table—definitely opens up new avenues for understanding our MISP feeds better! 🌐 The way you’ve shared links and resources is so helpful for the community; it really encourages collaboration and knowledge sharing. 🌟 Have you found any specific queries particularly effective in uncovering trends with your MISP data? I'd love to hear more about your experiences! #MicrosoftSecurity #KustoQuery #KustoQueryLanguage #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #MISP #ThreatIntel
Cyber Threat Intelligence Researcher at HNDGS
Awesome stats for MISP indicators!