From 74d36ccc594c3d227cb012bdb8d997dadf83423a Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Sun, 7 Feb 2021 11:37:48 +0100
Subject: [PATCH 1/3] new: [taxonomy] yaml format added
---
yaml/machinetag.yaml | 81 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 81 insertions(+)
create mode 100644 yaml/machinetag.yaml
diff --git a/yaml/machinetag.yaml b/yaml/machinetag.yaml
new file mode 100644
index 0000000..6c90e54
--- /dev/null
+++ b/yaml/machinetag.yaml
@@ -0,0 +1,81 @@
+---
+namespace: cycat
+expanded: Universal Cybersecurity Resource Catalogue
+description: Taxonomy used by CyCAT, the Universal Cybersecurity Resource Catalogue,
+ to categorize the namespaces it supports and uses.
+version: 1
+refs:
+- https://www.cycat.org/
+values:
+- predicate: type
+ entry:
+ - value: tool
+ expanded: Tool
+ description: Open source or proprietary tool used in cybersecurity.
+ - value: playbook
+ expanded: Playbook
+ description: Playbook, such as a defined set of rules with one or more actions
+ triggered by different events to respond to, orchestrate or automate cybersecurity
+ related actions.
+ - value: taxonomy
+ expanded: Taxonomy
+ description: Cybersecurity taxonomy is a set of labels used to classify (in both
+ terms - arrange in classes or/and design to national classification) cybersecurity
+ related information.
+ - value: rule
+ expanded: Rule
+ description: Detection rule or set of detection rules used in the cybersecurity
+ field. Rulesets can be in different formats for (N/L)IDS/SIEM (such as Snort,
+ Suricata, Zeek, SIGMA or YARA) or any other tool capable of parsing them.
+ - value: notebook
+ expanded: Notebook
+ description: Interactive document to code, experiment, train or visualize cybersecurity-related
+ information. A notebook can be transcribed in a format such as Jupyter Notebooks,
+ Apache Zeppelin, Pluton or Google Colab.
+ - value: vulnerability
+ expanded: Vulnerability
+ description: Public or non-public information about a security vulnerability in
+ a specific software, hardware or service.
+ - value: proof-of-concept
+ expanded: Proof-of-concept
+ description: Code to validate a known vulnerability.
+ - value: fingerprint
+ expanded: Fingerprint
+ description: Code to uniquely identify specific cybersecurity-relevant patterns.
+ Fingerprints can be expressed in different formats such as ja3, ja3s, hassh,
+ jarm or favicon-mmh3.
+ - value: mitigation
+ expanded: Mitigation
+ description: Mitigating control to prevent unwanted activity from happening, like
+ a specific configuration of the operating system/tools or an implementation
+ policy.
+ - value: dataset
+ expanded: Dataset
+ description: Dataset for validation of detections and tool stacks,
+- predicate: scope
+ entry:
+ - value: identify
+ expanded: Identify
+ - value: protect
+ expanded: Protect
+ - value: detect
+ expanded: Detect
+ - value: respond
+ expanded: Respond
+ - value: recover
+ expanded: Recover
+ - value: exploit
+ expanded: Exploit
+ - value: investigate
+ expanded: Investigate
+ - value: train
+ expanded: Train
+ - value: test
+ expanded: Test
+predicates:
+- value: type
+ expanded: Type
+ description: Type of entry in the catalogue.
+- value: scope
+ expanded: Scope
+ description: Scope of usage for the entry in the catalogue.
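Review bot: The `dataset` description that closes the `type` predicate ends on a trailing comma ("Dataset for validation of detections and tool stacks,"), so the sentence reads as cut off; complete it or end it with a period. The nine `scope` entries also carry only `value` and `expanded`, while every `type` entry has a `description`; adding a one-line description per scope value would keep the two predicates consistent and tell consumers what separates, for example, `exploit` from `test`.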
From 16ad4c47d64a0ee697f969871956db58444a43c8 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Sun, 7 Feb 2021 11:38:58 +0100
Subject: [PATCH 2/3] chg: [doc] yaml reference added
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 01a8f6a..5a00312 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ Taxonomy used by CyCAT.org, the Universal Cybersecurity Resource Catalogue, to c
# Format
-The CyCAT.org taxonomy is [available in JSON format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/json/machinetag.json).
+The CyCAT.org taxonomy is [available in JSON format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/json/machinetag.json) and [yaml format](https://github.com/CyCat-project/cycat-taxonomy/blob/main/yaml/machinetag.yaml).
# Goal
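Review bot: In the added `# Format` line the new link text is lowercase "yaml format" beside "JSON format"; write it as "YAML format" to match. With two serialisations now linked, the README should also state which file is the reference and which is derived from it, since this line gives a consumer no way to decide which one to trust if they ever differ.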
From 0440475f0a11680fe6af78e9597250a2cbf40deb Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Sun, 7 Feb 2021 12:04:45 +0100
Subject: [PATCH 3/3] chg: [format] updated
---
README.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 5a00312..61de3a5 100644
--- a/README.md
+++ b/README.md
@@ -13,11 +13,11 @@ The taxonomy will be used on the CyCAT.org portal to classify and label the reso
# Contributing
-- Fork the repository, update the JSON and propose your changes via a pull-request.
+- Fork the repository, update the JSON or yaml and propose your changes via a pull-request.
# License
-The CyCAT.org taxonomy (JSON files) are dual-licensed under:
+The CyCAT.org taxonomy (JSON/yaml files) are dual-licensed under:
- [CC0 1.0 Universal](https://creativecommons.org/publicdomain/zero/1.0/legalcode) (CC0 1.0) - Public Domain Dedication.
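Review bot: The Contributing line now says "update the JSON or yaml", which lets a pull request change only one of the two files and leave the other stale; ask contributors to update both together, or name one file as the source and regenerate the other from it. In both added lines "yaml" should be written "YAML" for consistency with "JSON", and in the License line "taxonomy (JSON/yaml files) are" pairs a singular subject with a plural verb, which could be fixed while the line is being touched.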