IntelMQ is a solution for IT security teams (CERTs, CSIRTs, abuse departments, …) for collecting and processing security feeds (such as log files) using a message queuing protocol. It's a community-driven initiative called IHAP (Incident Handling Automation Project), which was conceptually designed by European CERTs/CSIRTs during several InfoSec events. Its main goal is to give incident responders an easy way to collect and process threat intelligence, thus improving the incident handling processes of CERTs.
IntelMQ's design was influenced by AbuseHelper, however it was re-written from scratch and aims at:
It follows the following basic meta-guidelines:
How to Install
See UserGuide.
Developers Guide
See Developers Guide.
IntelMQ Manager
Check out this graphical tool and easily manage an IntelMQ system.
Incident Handling Automation Project
Data Harmonization
IntelMQ uses the Data Harmonization. Check the following document.
How to participate