In order to use the Polarity - MISP integrations, instance URL and an API Key are required.
Both MISP and the MISP IOC submission integrations require the same configuration options.
Indicator Types - IPs, Emails, Hashes, Domains
Url - The URL for your MISP server which should include the schema (i.e., http, https) and port if required.
API Key - API Key for the provided user. To create an API key within MISP, please navigate settings and create a Polarity API account.
Enable Adding Tags - If selected, users can add tags to an event in MISP.
Enable Removing Tags - If selected, users can remove tags from an event in MISP.
Allow IOC Deletion - If selected, analysts running the IOC Submission integration can delete indicators from Threatstream.