Surevine integrates with MISP to enhance information sharing and collaboration

Recent Research and Development has resulted in Surevine’s Threatvine Hub being able to seamlessly integrate with the MISP (Malware Information Sharing Platform).

Threatvine Hub is a next generation cyber-security information sharing platform designed for secure cross-organisational collaboration and collaborative intelligence analysis. Communities built on Threatvine enable individuals to share information with each other on a trusted platform. The ability to integrate with MISP allows those communities to gain deeper insights and harness knowledge enhanced by the indicators in connected MISP instances.

Threatvine Hub community members have always benefited from the powerful effect of human collaboration, now those collaborations can be further enriched with relevant data from MISP. Information shared in the Threatvine Hub community can be correlated with Indicators of Compromise in connected MISP instances.

The intelligent enrichment of Threatvine Hub information is supported by bidirectional posting between MISP and Threatvine Hub. Updates to MISP can be directed to Threatvine Hub and vice-versa, automatically.

CEO and Founder of Surevine, Stuart Murdoch said

“Trust is the primary currency in cyber-security information sharing. Trust is built between people and develops over time. Threatvine provides the people involved in cyber-security with a platform for them to build communities and establish networks of trusted individuals. Threatvine enables those communities to go beyond cyber-security information sharing to collaborative intelligence analysis and derive actionable insight. To collaboratively develop that intelligence, the community require data, information, and raw threat intelligence as the building blocks.

We’re delighted, as part of our participation in the DCMS-backed London Cyber Innovation Centre (LORCA) programme, to have been able to engage CSIT, Queen’s University Belfast on an R&D project which has resulted in a two-way integration between Threatvine and MISP, a popular free and open source threat intelligence platform, focussed on Indicators of Compromise.

We are particularly pleased to have been able to work with MISP because: being free and open source means it is often the first option for teams to get up to speed quickly with threat intelligence; support of the MISP project from the EU has encouraged its adoption by EU members states; it’s adherence to the STIX open standard for Indicators of Compromise, makes interoperability easier; and it is extensively used by Deloitte, and their customers, and we have been able to strengthen our partnership with Deloitte as a result of this project, delivering a value-add for MISP users”.

Surevine worked on the research project with CSIT at Queen’s University Belfast (QUB) whilst part of the first cohort of cyber companies selected to be part of LORCA.

This new integration means members of Threatvine communities can gain deeper insights more quickly than ever before, keeping them one step ahead of the cyber threat.