Free to Join
No cost to participate — whether you connect with your own MISP instance or use the shared community platform.
Together we are stronger.
Danish MISP Community
The Danish MISP Community is built around the concept of an ISAO (Information Sharing and Analysis Organization). It is non-profit — the MISP instance is provided free of charge. Our goal is to build a strong sharing community between organisations and security researchers in Denmark.
Goals and Foundation
We connect private researchers, organisations, and enterprises across all sectors in Denmark under one trusted roof — so Danish threat data/intelligence reaches everyone who can act on it, regardless of size or industry.
The MISP platform serves as the shared backbone: organisations without their own instance can participate directly on the community setup, while those with an existing deployment can connect it as a sync point to exchange data in both directions.
We align loosely with the ISAO model — an Information Sharing and Analysis Organization is a collaborative group designed to collect, analyze, and share cybersecurity threat information among its members, spanning industries and communities rather than a single sector. We deliberately keep rules to a minimum, because experience shows that complexity kills sharing cultures before they can grow.
X/Twitter: @DanishMISP
Supports both organisations with their own MISP instance and those that want to live on the community setup.
It is NOT a requirement to share data. We believe in giving you the freedom to share what you can.
If you find the data relevant and useful, sharing it can help the community grow and improve. It is the receivers who are responsible for vetting the data.
Rules of Usage
To join, you must be a Danish organisation or a private researcher in Denmark who would like to share threat data.
One primary person per organisation is created and assigned as the Org Admin (the Org Admin can add), who is responsible for creating local users for their organisation.
Do not change other organisations' events — use the extend event and proposals feature to request changes or add context.
Do NOT attach a malware sandbox to submit data automatically — this tends to cause unstructured data with low validity and many false positives.
Spamming the community MISP with automated data will result in removal from the community.
A vetted sharing group is created to ensure sensitive data stays within trusted circles of verified organisations and researchers.
Only referred organisations and researchers are added to this sharing group; do not ask us for access to it.
What to Share
The most important mindset: add as much context as you can — this is what makes data easier to consume. The following is not a complete list, but a useful starting point:
Phishing emails and malicious sites observed in the wild.
Malware indicators, samples, and associated campaign intelligence.
Business email compromise and targeted spear-phishing attempts.
Technical articles and other threat research you find relevant are also welcome. We are trying to build a Danish cross-community where people share what they find relevant.
Mechanisms and Tools
Organisations with their own MISP instance can provide their MISP UUID and receive a sync user in order to push and/or pull data with the community platform.
eCrimeLabs manages the platform and continually monitors and updates it to ensure it is as protected as possible.
Additional Resources
Official guide for creating events and working with the MISP platform.
The official MISP project website with full documentation and downloads.
Introduction and training videos to get started with MISP quickly.
The official MISP source code repository, issue tracker, and release notes.
Get Involved