Get Instant Data Awareness on MISP Warning Lists with Polarity

Product May 27, 2020

Today’s post continues an ongoing series on Polarity Integrations. Data tells a story, Polarity helps you see it with Augmented Reality overlaying contextual information from the applications you use every day. With over 100 powerful integrations the Polarity open-source Integrations Library arms you with the right data at the right time to make informed decisions and take action with speed. This example showcases our integration with MISP Warning Lists.

Cyber analysts today are inundated with huge amounts of data on a daily basis. To help avoid information overload and fatigue, which can eventually lead to mistakes in analysis, a team of cyber analysts have put together the MISP Warning List, which is freely available to any security analyst working to protect their organization.

What are MISP Warning Lists?

The MISP Warning List is a list of lists that contain information on indicators to let users of MISP or other platforms know if an indicator is a false positive, error, or a mistake, among other things. The lists are open-source and located on GitHub where anyone can download them.

What does the Polarity-MISP Indicator Integration do?

To make life easier for analysts with instant data awareness and recall, we created a Polarity integration for MISP Warning Lists. The integration allows analysts to see on any screen in real-time if an indicator is a false positive, error, or mistake, allowing analysts to have the right data at the right time, so they can make decisions with confidence and take action with precision and speed.

So that data always stays up to date, the Polarity-MISP Warning List integration will poll the GitHub page nightly.

In this image, notice a URL is highlighted in the CLI on the left. On the right, you can see that Polarity's computer vision recognized the text on screen, and in real-time while the analyst is working, it has provided contextual information for the highlighted URL in the Overlay Window. This contextual information has been pulled from the MISP Warning List, COVID-19 Cyber Threat Coalition Whitelist through the Polarity-MISP Warning List Integration.

What Next?

See for yourself with a Polarity demo or trial. To learn more, take the Tour or tune into our next Community Tech Tuesday.

Integrate with Polarity

Data tells a story, Polarity helps you see it with Augmented Reality. With more than 100 integrations, Polarity works well with the products our customers use every day. Connect your product to Polarity through our open-source integration program.