Browse Source

Merge pull request #37 from C00kie-/patch-2

Update raw.md
main
Alexandre Dulaunoy 2 years ago
committed by GitHub
parent
commit
0f4c51aea8
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      threat-actor-naming/raw.md

4
threat-actor-naming/raw.md

@ -57,8 +57,8 @@ as a:
- No clearly defined text format to describe the same threat actor (e.g. Is the threat actor name case sensitive? Is there a dash or a space between the two words?)
- Confusion between techniques/tools used by a threat actor versus its name (e.g. naming a threat actor after a specific malware used)
- Lack of source and list from vendors to describe their threat actor names and the reasoning behind the naming (e.g. did they name the threat actor after a specific set of campaigns? or specific set of targets?)
- Lack of time-based information about the threat actor name, such as date of naming
- Lack of open "registry" of reference, accessible to all, where to register a new threat actor name, or to access all already named threat actors. The "registry" can contain the time-based information mentionned above.
- Lack of time-based information about the threat actor name, such as date of naming or and UUID.
- Lack of open mirrored "registry" of reference, accessible to all, where to register a new threat actor name, or to access all already named threat actors. The "registry" can contain the time-based information mentionned above, it is a tool.
This document proposes a set of guidelines to name threat actors. The goal is to reduce the above mentioned issues.

Loading…
Cancel
Save