From 74d36ccc594c3d227cb012bdb8d997dadf83423a Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 7 Feb 2021 11:37:48 +0100 Subject: [PATCH 1/3] new: [taxonomy] yaml format added --- yaml/machinetag.yaml | 81 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 yaml/machinetag.yaml diff --git a/yaml/machinetag.yaml b/yaml/machinetag.yaml new file mode 100644 index 0000000..6c90e54 --- /dev/null +++ b/yaml/machinetag.yaml 
@@ -0,0 +1,81 @@ +--- +namespace: cycat +expanded: Universal Cybersecurity Resource Catalogue +description: Taxonomy used by CyCAT, the Universal Cybersecurity Resource Catalogue, + to categorize the namespaces it supports and uses. +version: 1 +refs: +- https://www.cycat.org/ +values: +- predicate: type + entry: + - value: tool + expanded: Tool + description: Open source or proprietary tool used in cybersecurity. + - value: playbook + expanded: Playbook + description: Playbook, such as a defined set of rules with one or more actions + triggered by different events to respond to, orchestrate or automate cybersecurity + related actions. + - value: taxonomy + expanded: Taxonomy + description: Cybersecurity taxonomy is a set of labels used to classify (in both + terms - arrange in classes or/and design to national classification) cybersecurity + related information. + - value: rule + expanded: Rule + description: Detection rule or set of detection rules used in the cybersecurity + field. Rulesets can be in different formats for (N/L)IDS/SIEM (such as Snort, + Suricata, Zeek, SIGMA or YARA) or any other tool capable of parsing them. + - value: notebook + expanded: Notebook + description: Interactive document to code, experiment, train or visualize cybersecurity-related + information. A notebook can be transcribed in a format such as Jupyter Notebooks, + Apache Zeppelin, Pluton or Google Colab. + - value: vulnerability + expanded: Vulnerability + description: Public or non-public information about a security vulnerability in + a specific software, hardware or service. + - value: proof-of-concept + expanded: Proof-of-concept + description: Code to validate a known vulnerability. + - value: fingerprint + expanded: Fingerprint + description: Code to uniquely identify specific cybersecurity-relevant patterns. + Fingerprints can be expressed in different formats such as ja3, ja3s, hassh, + jarm or favicon-mmh3. 
+ - value: mitigation + expanded: Mitigation + description: Mitigating control to prevent unwanted activity from happening, like + a specific configuration of the operating system/tools or an implementation + policy. + - value: dataset + expanded: Dataset + description: Dataset for validation of detections and tool stacks, +- predicate: scope + entry: + - value: identify + expanded: Identify + - value: protect + expanded: Protect + - value: detect + expanded: Detect + - value: respond + expanded: Respond + - value: recover + expanded: Recover + - value: exploit + expanded: Exploit + - value: investigate + expanded: Investigate + - value: train + expanded: Train + - value: test + expanded: Test +predicates: +- value: type + expanded: Type + description: Type of entry in the catalogue. +- value: scope + expanded: Scope + description: Scope of usage for the entry in the catalogue. From 16ad4c47d64a0ee697f969871956db58444a43c8 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 7 Feb 2021 11:38:58 +0100 Subject: [PATCH 2/3] chg: [doc] yaml reference added --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 01a8f6a..5a00312 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Taxonomy used by CyCAT.org, the Universal Cybersecurity Resource Catalogue, to c # Format -The CyCAT.org taxonomy is [available in JSON format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/json/machinetag.json). +The CyCAT.org taxonomy is [available in JSON format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/json/machinetag.json) and [yaml format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/yaml/machinetag.yaml). # Goal From 0440475f0a11680fe6af78e9597250a2cbf40deb Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 7 Feb 2021 12:04:45 +0100 Subject: [PATCH 3/3] chg: [format] updated --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/README.md b/README.md index 5a00312..61de3a5 100644 --- a/README.md +++ b/README.md @@ -13,11 +13,11 @@ The taxonomy will be used on the CyCAT.org portal to classify and label the reso # Contributing -- Fork the repository, update the JSON and propose your changes via a pull-request. +- Fork the repository, update the JSON or yaml and propose your changes via a pull-request. # License -The CyCAT.org taxonomy (JSON files) are dual-licensed under: +The CyCAT.org taxonomy (JSON/yaml files) are dual-licensed under: - [CC0 1.0 Universal](https://creativecommons.org/publicdomain/zero/1.0/legalcode) (CC0 1.0) - Public Domain Dedication.
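Review bot: In yaml/machinetag.yaml (PATCH 1/3), the `dataset` entry's description ends with a trailing comma (`Dataset for validation of detections and tool stacks,`), which reads as a sentence that was cut short; complete it or end it with a period. In the same hunk, every entry under the `scope` predicate has only `value` and `expanded`, while every `type` entry also has a `description`. Adding a `description` to `identify` through `test` would document both predicates to the same level, which matters most for `exploit`, `investigate`, `train` and `test`, whose intended meaning a tagger has to guess from a single word.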
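Review bot: In the README.md Format hunk (PATCH 2/3), the added link text is `yaml format` next to the existing `JSON format`; write it as `YAML format` so the two format names are capitalised the same way. The sentence now offers two files without saying which one consumers should treat as authoritative if they differ, so a short clause naming the reference file would help.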
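Review bot: In the Contributing line of the README.md hunk in PATCH 3/3, `update the JSON or yaml` allows a pull request to change one file and not the other, so json/machinetag.json and yaml/machinetag.yaml can drift apart and tools reading different files would see different taxonomies. State which file is the source of truth and how the other is regenerated from it, or require both files to be updated in the same pull request. The License line in the same hunk keeps the lowercase `yaml` in `(JSON/yaml files)`; use `YAML` there as well.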