OpenDXL ATD MISP 1.0.0

This solution focuses on automated threat intelligence collection with McAfee ATD, OpenDXL and MISP.

McAfee Advanced Threat Defense (ATD) produces local threat intelligence that is published via DXL. An OpenDXL wrapper subscribes and parses indicators that ATD produces and imports indicators into a threat intelligence management platform (MISP).

McAfee Advanced Threat Defense (ATD) is a malware analytics solution combining signatures and behavioral analysis techniques to rapidly identify malicious content and provides local threat intelligence. ATD exports IOC data in STIX format in several ways including DXL.

MISP threat sharing platform is a free and open source software helping information sharing of threat and cyber security indicators.