---
namespace: cycat
expanded: " Cybersecurity Resource Catalogue"
description: Taxonomy used by CyCAT, the Cybersecurity Resource Catalogue, to categorize the namespaces it supports and uses.
version: 3
refs:
  - https://www.cycat.org/
values:
  - predicate: type
    entry:
      - value: tool
        expanded: Tool
        description: Open source or proprietary tool used in cybersecurity.
      - value: playbook
        expanded: Playbook
        description: Playbook, such as a defined set of rules with one or more actions triggered by different events to respond to, orchestrate or automate cybersecurity related actions.
      - value: taxonomy
        expanded: Taxonomy
        description: Cybersecurity taxonomy is a set of labels used to classify (in both terms - arrange in classes or/and design to national classification) cybersecurity related information.
      - value: rule
        expanded: Rule
        description: Detection rule or set of detection rules used in the cybersecurity field. Rulesets can be in different formats for (N/L)IDS/SIEM (such as Snort, Suricata, Zeek, SIGMA or YARA) or any other tool capable of parsing them.
      - value: notebook
        expanded: Notebook
        description: Interactive document to code, experiment, train or visualize cybersecurity-related information. A notebook can be transcribed in a format such as Jupyter Notebooks, Apache Zeppelin, Pluton or Google Colab.
      - value: vulnerability
        expanded: Vulnerability
        description: Public or non-public information about a security vulnerability in a specific software, hardware or service.
      - value: proof-of-concept
        expanded: Proof-of-concept
        description: Code to validate a known vulnerability.
      - value: fingerprint
        expanded: Fingerprint
        description: Code to uniquely identify specific cybersecurity-relevant patterns. Fingerprints can be expressed in different formats such as ja3, ja3s, hassh, jarm or favicon-mmh3.
      - value: mitigation
        expanded: Mitigation
        description: Mitigating control to prevent unwanted activity from happening, like a specific configuration of the operating system/tools or an implementation policy.
      - value: dataset
        expanded: Dataset
        description: Dataset for validation of detections and tool stacks.
      - value: dataformat
        expanded: Data format
        description: Data structure and format to describe elements in the cybersecurity field.
      - value: configuration
        expanded: Configuration
        description: A configuration describes the state or environment conditions of a tool.
  - predicate: scope
    entry:
      - value: identify
        expanded: Identify
      - value: protect
        expanded: Protect
      - value: detect
        expanded: Detect
      - value: respond
        expanded: Respond
      - value: recover
        expanded: Recover
      - value: exploit
        expanded: Exploit
      - value: investigate
        expanded: Investigate
      - value: train
        expanded: Train
      - value: reset
        expanded: Reset
      - value: test
        expanded: Test
predicates:
  - value: type
    expanded: Type
    description: Type of entry in the catalogue.
  - value: scope
    expanded: Scope
    description: Scope of usage for the entry in the catalogue.