MISP
/
misp-book
mirror of https://github.com/MISP/misp-book
2
0
Fork 0
Code Issues Releases Wiki Activity

Update in the glossary to quickly fix the description of the IDS flag

pull/134/head
Alexandre Dulaunoy 2018-11-07 08:55:07 +01:00
parent cb275cefdb
commit 0fc551d680
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
GLOSSARY.md
View File

@ -36,7 +36,8 @@ Attributes in MISP can be network indicators (e.g. IP address), system indicator
◦ A type (e.g. MD5, url) is how an attribute is described. ◦ A type (e.g. MD5, url) is how an attribute is described.
◦ An attribute is always in a category (e.g. Payload delivery) which puts it in a context. ◦ An attribute is always in a category (e.g. Payload delivery) which puts it in a context.
• A category is what describes an attribute. • A category is what describes an attribute.
◦ An IDS flag on an attribute allows to determine if an attribute can ◦ An IDS flag on an attribute allows to determine if an attribute can be automated (such as being exported as an IDS ruleset or used for detection). If the IDS flag is not present, the attribute
can be useful for contextualisation only.
## MISP Event ## MISP Event
MISP events are encapsulations for contextually linked information MISP events are encapsulations for contextually linked information