Andras Iklody
Andras Iklody
This means that the admin is stuck logged in having to wait for a logout before being able to log in with their openAM account.
User is named [email protected] and needs to be configured to a hard coded integration user. Why does the user have to do this manually instead of having this pre-configured?
As nodes can decide to update components, can we check the versions of the individual CSP components run by our partners to sever the exchange in case they run vulnerable...
Can I include organisations that do not have CSP? The trust circles get propagated to MISP, if we have an incident involving non CSP organisations, how can we facilitate the...
Noticed several issues with the exchange via CSP to MISP: - Events arrive unpublished, meaning that my partners are not protected using my shared data. This also encourages tampering with...
CSP users - can they be assigned different roles through the single sign on system to assign different MISP user roles to the various different users?
Show the actual versions of the modules instead of the melicertes rebranded version. We'd like to be able to ensure that we don't end up installing outdated / vulnerable versions...
https://github.com/melicertes/csp/blob/master/csp-apps/misp/misp-adapter-emitter/src/main/java/com/intrasoft/csp/misp/service/impl/MispTcSyncServiceImpl.java#L164 This is extremely worrying. Organisations that are not in the list of melicertes teams are absolutely normal and should not be flagged in any way. The comment that deletion...
https://github.com/melicertes/csp/blob/68a050e2216dce8e7f824178c57a9b4f32b65971/csp-apps/misp/misp-tests/src/test/java/com/intrasoft/csp/misp/tests/sandbox/DistributionPolicyRectifierTest.java#L53 This is a violation of MISP's distribution model. MISP will always choose the most restrictive option in the inherited distributions. For example: Event [distribution: your organisation only] Attribute [distribution:all...