Merge branch 'main' of https://github.com/CyCat-project/cycat-taxonomy into main

README.md

@@ -5,7 +5,7 @@ Taxonomy used by CyCAT.org, the Cybersecurity Resource Catalogue, to categorize
 
 # Format
 
-The CyCAT.org taxonomy is [available in JSON format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/json/machinetag.json).
+The CyCAT.org taxonomy is [available in JSON format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/json/machinetag.json) and [yaml format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/yaml/machinetag.yaml).
 
 # Goal
 
@@ -13,11 +13,11 @@ The taxonomy will be used on the CyCAT.org portal to classify and label the reso
 
 # Contributing
 
-- Fork the repository, update the JSON and propose your changes via a pull-request.
+- Fork the repository, update the JSON or yaml and propose your changes via a pull-request.
 
 # License
 
-The CyCAT.org taxonomy (JSON files) are dual-licensed under:
+The CyCAT.org taxonomy (JSON/yaml files) are dual-licensed under:
 
 - [CC0 1.0 Universal](https://creativecommons.org/publicdomain/zero/1.0/legalcode) (CC0 1.0) - Public Domain Dedication.
 

yaml/machinetag.yaml

@@ -0,0 +1,81 @@
+---
+namespace: cycat
+expanded: Universal Cybersecurity Resource Catalogue
+description: Taxonomy used by CyCAT, the Universal Cybersecurity Resource Catalogue,
+  to categorize the namespaces it supports and uses.
+version: 1
+refs:
+- https://www.cycat.org/
+values:
+- predicate: type
+  entry:
+  - value: tool
+    expanded: Tool
+    description: Open source or proprietary tool used in cybersecurity.
+  - value: playbook
+    expanded: Playbook
+    description: Playbook, such as a defined set of rules with one or more actions
+      triggered by different events to respond to, orchestrate or automate cybersecurity
+      related actions.
+  - value: taxonomy
+    expanded: Taxonomy
+    description: Cybersecurity taxonomy is a set of labels used to classify (in both
+      terms - arrange in classes or/and design to national classification) cybersecurity
+      related information.
+  - value: rule
+    expanded: Rule
+    description: Detection rule or set of detection rules used in the cybersecurity
+      field. Rulesets can be in different formats for (N/L)IDS/SIEM (such as Snort,
+      Suricata, Zeek, SIGMA or YARA) or any other tool capable of parsing them.
+  - value: notebook
+    expanded: Notebook
+    description: Interactive document to code, experiment, train or visualize cybersecurity-related
+      information. A notebook can be transcribed in a format such as Jupyter Notebooks,
+      Apache Zeppelin, Pluton or Google Colab.
+  - value: vulnerability
+    expanded: Vulnerability
+    description: Public or non-public information about a security vulnerability in
+      a specific software, hardware or service.
+  - value: proof-of-concept
+    expanded: Proof-of-concept
+    description: Code to validate a known vulnerability.
+  - value: fingerprint
+    expanded: Fingerprint
+    description: Code to uniquely identify specific cybersecurity-relevant patterns.
+      Fingerprints can be expressed in different formats such as ja3, ja3s, hassh,
+      jarm or favicon-mmh3.
+  - value: mitigation
+    expanded: Mitigation
+    description: Mitigating control to prevent unwanted activity from happening, like
+      a specific configuration of the operating system/tools or an implementation
+      policy.
+  - value: dataset
+    expanded: Dataset
+    description: Dataset for validation of detections and tool stacks,
+- predicate: scope
+  entry:
+  - value: identify
+    expanded: Identify
+  - value: protect
+    expanded: Protect
+  - value: detect
+    expanded: Detect
+  - value: respond
+    expanded: Respond
+  - value: recover
+    expanded: Recover
+  - value: exploit
+    expanded: Exploit
+  - value: investigate
+    expanded: Investigate
+  - value: train
+    expanded: Train
+  - value: test
+    expanded: Test
+predicates:
+- value: type
+  expanded: Type
+  description: Type of entry in the catalogue.
+- value: scope
+  expanded: Scope
+  description: Scope of usage for the entry in the catalogue.