CODE418
E-BOOK · FREE

MISP in Practicefrom Zero to Operation

The operational MISP guide in Portuguese: from the data model to the daily run of a Threat Intelligence platform in production.

61 pages12 chapters4 appendicesPT-BRPDF

Get the PDF in your inbox

Enter your email and we send the download link. No cost.

Learn more: Privacy Policy · Cookie Policy

// scope

What you will operate

Not a theoretical overview. Each part takes you from a concept to execution on a real instance.

part 01

Fundamentals and data model

IoC, intelligence and TIP. The event → attribute → object → galaxy → tag model that organizes everything in MISP.

part 02

Installation and sizing

Hardware and disk sizing, deployment decisions and what to consider before going to production.

part 03

Synchronization between instances

Push and Pull in practice: when to use each, cron automation and the limits of what MISP filters.

part 04

TLP, taxonomies and distribution

The four TLP levels, the five distribution levels and sharing groups — with the rule of starting from the most restrictive.

part 05

Feeds, STIX and TAXII

Feed ingestion, export to firewalls, SIEMs, EDRs and Zeek, and interoperability via STIX/TAXII.

part 06

REST API, PyMISP and hardening

Automation with the API and PyMISP; hardening, backup and continuity to keep the operation running.

// contents

12 chapters, 4 appendices

01Fundamentals: IoC, intelligence and TIP
02The MISP data model
03Installation and sizing
04Events, attributes and objects
05TLP and taxonomies
06Galaxies and clusters
07Distribution and sharing groups
08Synchronization: Push and Pull
09Intelligence feeds
10STIX, TAXII and exports
11REST API and PyMISP
12Hardening, backup and continuity
AOperational cheatsheet
BAttribute categories and types
CAPI enumerations
DGlossary

// audience

Who it is for

analyst

SOC and blue team

Those who need to turn alerts and IoCs into structured intelligence and stop treating MISP as a passive repository.

manager

Security leader

Those deploying or maturing a TIP who need criteria for sizing, distribution and sharing governance.

transitioning

Professional entering CTI

Those who want the practical foundation of Threat Intelligence in Portuguese, without relying on translated theory or trial and error.

// author

Who wrote it

F

Freitas · CODE418

Cyber Threat Intelligence specialist with 20+ years in information security, MISP operation in production and teaching CTI at graduate level. The e-book consolidates real field practice — not a documentation summary.

Take MISP from zero to operation

61 pages of practice, free. Enter your email and the PDF arrives in your inbox.

Learn more: Privacy Policy · Cookie Policy

We process your email only to send the material and related communications, in line with the LGPD. You can unsubscribe anytime.

We use analytics cookies to understand how the site is used. You decide — nothing is tracked without your consent. Cookie Policy