misp-galaxy
misp-galaxy copied to clipboard
Preventive measure galaxy
Add the following:
- Block host level
- Block network level
- Alert on host level
- Alert on network level
There is the preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.
Considering it is quite windows oriented I guess it doesn't cover the idea you had?
I think it was to expand the current preventive measures to have more granularity on the network filtering if it's just detection or actual remediation.