Conversion matrix
Actor
ID |
MISP |
STIX2 |
---|---|---|
colanderAPT |
MISPorganization |
STIX2threat-actor |
colanderCOMPANY |
MISPorganization |
STIX2identity |
colanderCYBER_CRIMINAL |
MISPperson |
STIX2threat-actor |
colanderGENERIC |
MISPorganization |
STIX2identity |
colanderHACKTIVIST |
MISPperson |
STIX2identity |
colanderINDIVIDUAL |
MISPperson |
STIX2identity |
colanderINSIDER |
MISPperson |
STIX2threat-actor |
colanderNATION_STATE |
MISPorganization |
STIX2identity |
colanderNGO |
MISPorganization |
STIX2identity |
colanderPUB_INST |
MISPorganization |
STIX2identity |
colanderTHREAT_ACTOR |
MISPperson |
STIX2threat-actor |
Artifact
ID |
MISP |
STIX2 |
---|---|---|
colanderANDROID_BACKUP |
MISPfile |
STIX2file |
colanderANDROID_SAMPLE |
MISPfile |
STIX2file |
colanderARCHIVE |
MISPfile |
STIX2file |
colanderAUDIO |
MISPfile |
STIX2file |
colanderBACKUP |
MISPfile |
STIX2file |
colanderBINARY |
MISPfile |
STIX2file |
colanderCRYPTO_T |
MISPfile |
STIX2file |
colanderDOCUMENT |
MISPfile |
STIX2file |
colanderEMAIL |
MISPfile |
STIX2file |
colanderF_DUMP |
MISPfile |
STIX2file |
colanderGENERIC |
MISPfile |
STIX2file |
colanderHAR |
MISPfile |
STIX2file |
colanderIMAGE |
MISPfile |
STIX2file |
colanderIOS_BACKUP |
MISPfile |
STIX2file |
colanderIOS_SAMPLE |
MISPfile |
STIX2file |
colanderJSON |
MISPfile |
STIX2file |
colanderPCAP |
MISPfile |
STIX2file |
colanderREPORT |
MISPreport |
STIX2file |
colanderSAMPLE |
MISPfile |
STIX2file |
colanderSOCIAL_POST |
MISPfile |
STIX2file |
colanderSOCKET_T |
MISPfile |
STIX2file |
colanderSSLKEYLOG |
MISPfile |
STIX2file |
colanderTEXT |
MISPfile |
STIX2file |
colanderVIDEO |
MISPfile |
STIX2file |
colanderWEBPAGE |
MISPfile |
STIX2file |
Data fragment
ID |
MISP |
STIX2 |
---|---|---|
colanderCODE |
MISPcolander-data-fragment |
unsupported |
colanderGENERIC |
MISPcolander-data-fragment |
unsupported |
colanderPATTERN |
MISPcolander-data-fragment |
unsupported |
colanderPAYLOAD |
MISPcolander-data-fragment |
unsupported |
colanderTEXT |
MISPcolander-data-fragment |
unsupported |
Detection rule
ID |
MISP |
STIX2 |
---|---|---|
colanderGENERIC |
unsupported |
unsupported |
colanderSURICATA |
MISPsuricata |
unsupported |
colanderYARA |
MISPyara |
unsupported |
Device
ID |
MISP |
STIX2 |
---|---|---|
colanderDESKTOP |
MISPdevice |
STIX2infrastructure |
colanderGENERIC |
MISPdevice |
STIX2infrastructure |
colanderIOT |
MISPdevice |
STIX2infrastructure |
colanderLAPTOP |
MISPdevice |
STIX2infrastructure |
colanderMOBILE |
MISPdevice |
STIX2infrastructure |
colanderROUTER |
MISPdevice |
STIX2infrastructure |
colanderSERVER |
MISPdevice |
STIX2infrastructure |
Event
ID |
MISP |
STIX2 |
---|---|---|
colanderALERT |
MISPcolander-event |
unsupported |
colanderATTACK |
MISPcolander-event |
unsupported |
colanderAV_DETECTION |
MISPcolander-event |
unsupported |
colanderCOMMUNICATION |
MISPcolander-event |
unsupported |
colanderCOMPROMISE |
MISPcolander-event |
unsupported |
colanderGENERIC |
MISPcolander-event |
unsupported |
colanderHIT |
MISPcolander-event |
unsupported |
colanderINFECTION |
MISPcolander-event |
unsupported |
colanderPASSIVE_DNS |
MISPcolander-event |
unsupported |
colanderRESOLVE |
MISPcolander-event |
unsupported |
colanderTARGETED_ATTACK |
MISPcolander-event |
unsupported |
Observable
ID |
MISP |
STIX2 |
---|---|---|
colanderASN |
MISPAS |
STIX2indicator |
colanderCIDR |
unsupported |
unsupported |
colanderCOMMUNITY_ID |
MISPcommunity-id |
unsupported |
colanderCVE |
unsupported |
unsupported |
colanderDEXOFUZZY |
unsupported |
unsupported |
colanderDNS_RECORD |
unsupported |
unsupported |
colanderDOMAIN |
MISPdomain |
STIX2indicator |
colanderDOMAIN_REGISTRANT |
unsupported |
unsupported |
colanderDOMAIN_REGISTRAR |
unsupported |
unsupported |
colanderEMAIL |
MISPemail |
STIX2indicator |
colanderGENERIC |
unsupported |
unsupported |
colanderHOSTNAME |
unsupported |
unsupported |
colanderIMPHASH |
MISPimphash |
unsupported |
colanderIPV4 |
MISPip-dst |
STIX2indicator |
colanderIPV6 |
MISPip-dst |
STIX2indicator |
colanderLOCATION |
unsupported |
unsupported |
colanderMAC |
MISPmac-address |
STIX2indicator |
colanderMD5 |
MISPmd5 |
STIX2indicator |
colanderMUTEX |
MISPmutex |
STIX2indicator |
colanderNAMESPACE |
unsupported |
unsupported |
colanderOS_QUERY |
unsupported |
unsupported |
colanderPATH |
MISPfilename |
STIX2indicator |
colanderPEHASH |
unsupported |
STIX2indicator |
colanderPHONE |
MISPphone-number |
unsupported |
colanderPROCESS |
unsupported |
STIX2indicator |
colanderSERVICE |
unsupported |
unsupported |
colanderSHA1 |
MISPsha1 |
STIX2indicator |
colanderSHA256 |
MISPsha256 |
STIX2indicator |
colanderSOCIAL_ACCOUNT |
unsupported |
STIX2indicator |
colanderSSL_CERT_F |
unsupported |
unsupported |
colanderURI |
unsupported |
unsupported |
colanderURL |
MISPurl |
STIX2indicator |
Threat
ID |
MISP |
STIX2 |
---|---|---|
colanderADWARE |
MISPmisp-tag |
STIX2malware |
colanderAPT |
MISPmisp-tag |
unsupported |
colanderBACKDOOR |
MISPmisp-tag |
STIX2malware |
colanderBOTNET |
MISPmisp-tag |
STIX2malware |
colanderBROWSER_HIJACKER |
MISPmisp-tag |
STIX2malware |
colanderCRYPTOJACKING |
MISPmisp-tag |
STIX2malware |
colanderCYBER_ATTACK |
MISPmisp-tag |
unsupported |
colanderCYBERCRIME |
MISPmisp-tag |
unsupported |
colanderDOXXING |
MISPmisp-tag |
unsupported |
colanderDROPPER |
MISPmisp-tag |
STIX2malware |
colanderEXPLOIT_KIT |
MISPmisp-tag |
STIX2malware |
colanderGENERIC |
MISPmisp-tag |
STIX2malware |
colanderHARASSMENT |
MISPmisp-tag |
unsupported |
colanderINFO_STEALER |
MISPmisp-tag |
STIX2malware |
colanderLOADER |
MISPmisp-tag |
unsupported |
colanderMALVERTISING |
MISPmisp-tag |
STIX2malware |
colanderMALWARE |
MISPmisp-tag |
STIX2malware |
colanderMOBILE_MALWARE |
MISPmisp-tag |
STIX2malware |
colanderPHISHING |
MISPmisp-tag |
STIX2malware |
colanderPHYSICAL_ATTACK |
MISPmisp-tag |
unsupported |
colanderRANSOMWARE |
MISPmisp-tag |
STIX2malware |
colanderRAT |
MISPmisp-tag |
STIX2malware |
colanderROOTKIT |
MISPmisp-tag |
STIX2malware |
colanderSPAM |
MISPmisp-tag |
unsupported |
colanderSPYWARE |
MISPmisp-tag |
STIX2malware |
colanderSTALKERWARE |
MISPmisp-tag |
STIX2malware |
colanderTROJAN |
MISPmisp-tag |
STIX2malware |