Flowtriq for MISP
Share DDoS attack intelligence with MISP. Export attacker IPs, attack vectors, and incident metadata as MISP events. STIX/TAXII compatible for sharing with your threat intelligence community.
Setup
Connect in three steps
Capabilities
DDoS threat intelligence for MISP
Automated IOC Export
Every DDoS incident above your configured severity threshold is automatically exported to MISP as a structured event. Source IPs become network indicators, attack families become tags, and incident metadata fills event attributes.
Attack Attribution
MISP events include attacker source IPs, target IPs, attack family classification, peak bandwidth and packet rates, mitigation actions taken, and incident duration. Full context for threat intelligence analysis.
STIX/TAXII Compatible
Once in MISP, DDoS threat intelligence can be shared via TAXII feeds, exported as STIX 2.1 bundles, or synced with other MISP instances. Your DDoS data integrates with your existing threat intelligence workflows.
Community Sharing
Share DDoS attack intelligence with your MISP sharing communities. TLP markings and distribution levels give you control over what gets shared and with whom. Contribute to collective DDoS defense.
Share DDoS intelligence with your community
Connect Flowtriq to MISP and start exporting attack indicators in minutes.
FAQ