cti-python-stix2/stix2/test/v21/stix2_data/course-of-action/course-of-action--95ddb356-...

16 lines
890 B
JSON

{
"id": "bundle--a42d26fe-c938-4074-a1b3-50d852e6f0bd",
"objects": [
{
"created": "2017-05-31T21:30:26.495974Z",
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
"description": "Identify potentially malicious software that may contain rootkit functionality, and audit and/or block it by using whitelisting[[CiteRef::Beechey 2010]] tools, like AppLocker,[[CiteRef::Windows Commands JPCERT]][[CiteRef::NSA MS AppLocker]] or Software Restriction Policies[[CiteRef::Corio 2008]] where appropriate.[[CiteRef::TechNet Applocker vs SRP]]",
"id": "course-of-action--95ddb356-7ba0-4bd9-a889-247262b8946f",
"modified": "2017-05-31T21:30:26.495974Z",
"name": "Rootkit Mitigation",
"spec_version": "2.1",
"type": "course-of-action"
}
],
"type": "bundle"
}