flowintel integration with MISP, Wazuh and SATRAP
Dear @adulau and @DavidCruciani,
As briefly discussed during the Open Source Conference 2025, we are planning to work on developing a feature that involves integrating flowintel, Wazuh, MISP and SATRAP. This would be to, roughly speaking, facilitate the automation of case creation upon anomaly detection and to improve post-incident analysis.
Is this issue good enough to track this work, or would you rather have another issue in the wazuh-integration repository you announced recently? We'll be building on top of the latter, but flowintel will probably be a central element.
Some preliminary work may be published under both IDPS-ESCAPE and SATRAP in the meantime, but at this stage it's not immediately obvious which project of yours should be considered for the pull request when the feature is done.
Thanks.
Cheers