MISP feeds to FortiGate

gwaihir · ‎02-04-2025

Hello

Hi Community, please I want to know if anyone has integrated misp feeds to Fortigate (I already have feeds for IP and URL from other sources)

How can I consume this IOC from misp events.?

Thank you!

Regards.

Anthony_E · ‎02-07-2025

Hello,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Anthony-Fortinet Community Team.

Anthony_E · ‎02-10-2025

Hello,

I may found the answer to your question about how to consume IOCs from MISP events in FortiGate:

Integrate FortiGate with MISP: Configure the integration between FortiGate and MISP to establish communication and data exchange.
Import IOCs: Set up a process to import IOCs from MISP events into FortiGate. This can involve creating custom feeds or utilizing existing threat intelligence feeds within FortiGate.
Update Security Policies: Use the imported IOCs to update your security policies in FortiGate. This ensures that your network security measures are aligned with the latest threat intelligence from MISP.
Monitor and Respond: Continuously monitor the IOCs from MISP in FortiGate and set up automated responses or alerts to react promptly to any identified threats.

Anthony-Fortinet Community Team.

Nominate a Forum Post for Knowledge Article Creation