Analyzing Threat Landscape

v20260317

analyzing-threat-landscape-with-misp

Use PyMISP to query MISP events, compute IOC type breakdowns, highlight top threat actors, MITRE techniques, and galaxy clusters, and produce temporal trend reports to help security teams understand the evolving threat landscape.

Threat Intelligence PyMISP MISP Analytics Malware MITRE IOC Security

Get Skill

140 downloads

Overview

Instructions

Install dependencies: pip install pymisp
Configure MISP URL and API key.
Run the agent to generate threat landscape analysis:
- Pull event statistics by threat level and date range
- Analyze attribute type distributions (IP, domain, hash, URL)
- Identify top MITRE ATT&CK techniques from event tags
- Track threat actor activity via galaxy clusters
- Generate temporal trend analysis of IOC submissions

python scripts/agent.py --misp-url https://misp.local --api-key YOUR_KEY --days 90 --output landscape_report.json

Examples

Threat Landscape Summary

Period: Last 90 days
Events analyzed: 1,247
Top threat level: High (43%)
Top attribute type: ip-dst (31%), domain (22%), sha256 (18%)
Top MITRE technique: T1566 Phishing (89 events)
Top threat actor: APT28 (34 events)

Info

Category Development

Name analyzing-threat-landscape-with-misp

Version v20260317

Size 8.22KB

Source mukul975/Anthropic-Cybersecurity-Skills

Updated At 2026-03-18