From be0ce4d4193fed5ff07691a903dc50a635d0c426 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Wed, 2 May 2018 08:42:25 +0200 Subject: [PATCH 1/6] fix tyypo --- misp-galaxy-format/raw.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp-galaxy-format/raw.md b/misp-galaxy-format/raw.md index 8a3fdfd..f166810 100644 --- a/misp-galaxy-format/raw.md +++ b/misp-galaxy-format/raw.md @@ -80,7 +80,7 @@ Clusters are represented as a JSON [@!RFC4627] dictionary. The MISP galaxy format uses the JSON [@!RFC4627] format. Each galaxy is represented as a JSON object with meta information including the following fields: name, uuid, description, version, type, authors, source, values. -name defines the name of the galaxy. The name is represented as a string and **MUST** be present. The uuid represents the Universally Unique IDentifier (UUID) [@!RFC4122] of the object reference. The uuid **MUST** be preserved. For any updates or transfer of the same object reference. UUID version 4 is **RECOMMENDED** when assigning it to a new object reference and **MUST** be present. The description is represented as a string and **MUST** be present. The uuid is represented as a string and **MUST** be present. The version is represented as a decimal and **MUST** be present. The source is represented as a string and **MUST** be present. Authors are represented as an array containing one or more author and **MUST** be present. +name defines the name of the galaxy. The name is represented as a string and **MUST** be present. The uuid represents the Universally Unique IDentifier (UUID) [@!RFC4122] of the object reference. The uuid **MUST** be preserved. For any updates or transfer of the same object reference. UUID version 4 is **RECOMMENDED** when assigning it to a new object reference and **MUST** be present. The description is represented as a string and **MUST** be present. The uuid is represented as a string and **MUST** be present. The version is represented as a decimal and **MUST** be present. The source is represented as a string and **MUST** be present. Authors are represented as an array containing one or more authors and **MUST** be present. Values are represented as an array containing one or more value and **MUST** be present. Values defines all values available in the galaxy. From cb2419d550c5980f74de6b883399ca4998fe2aff Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Wed, 2 May 2018 08:44:32 +0200 Subject: [PATCH 2/6] fix tyypo --- misp-galaxy-format/raw.md | 2 +- misp-galaxy-format/raw.md.txt | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/misp-galaxy-format/raw.md b/misp-galaxy-format/raw.md index f166810..8d0611b 100644 --- a/misp-galaxy-format/raw.md +++ b/misp-galaxy-format/raw.md @@ -82,7 +82,7 @@ The MISP galaxy format uses the JSON [@!RFC4627] format. Each galaxy is represen name defines the name of the galaxy. The name is represented as a string and **MUST** be present. The uuid represents the Universally Unique IDentifier (UUID) [@!RFC4122] of the object reference. The uuid **MUST** be preserved. For any updates or transfer of the same object reference. UUID version 4 is **RECOMMENDED** when assigning it to a new object reference and **MUST** be present. The description is represented as a string and **MUST** be present. The uuid is represented as a string and **MUST** be present. The version is represented as a decimal and **MUST** be present. The source is represented as a string and **MUST** be present. Authors are represented as an array containing one or more authors and **MUST** be present. -Values are represented as an array containing one or more value and **MUST** be present. Values defines all values available in the galaxy. +Values are represented as an array containing one or more values and **MUST** be present. Values defines all values available in the galaxy. ## values diff --git a/misp-galaxy-format/raw.md.txt b/misp-galaxy-format/raw.md.txt index 0025397..8a3a17a 100755 --- a/misp-galaxy-format/raw.md.txt +++ b/misp-galaxy-format/raw.md.txt @@ -133,9 +133,9 @@ Internet-Draft MISP galaxy format April 2018 and MUST be present. The version is represented as a decimal and MUST be present. The source is represented as a string and MUST be present. Authors are represented as an array containing one or more - author and MUST be present. + authors and MUST be present. - Values are represented as an array containing one or more value and + Values are represented as an array containing one or more values and MUST be present. Values defines all values available in the galaxy. 2.2. values From 6178051aaba4a0224988610a018e10510596ec4f Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Wed, 2 May 2018 08:45:29 +0200 Subject: [PATCH 3/6] typo --- misp-galaxy-format/raw.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp-galaxy-format/raw.md b/misp-galaxy-format/raw.md index 8d0611b..42a7b16 100644 --- a/misp-galaxy-format/raw.md +++ b/misp-galaxy-format/raw.md @@ -86,7 +86,7 @@ Values are represented as an array containing one or more values and **MUST** be ## values -The values array contains one or more JSON objects which represents all the possible values in the galaxy. The JSON object contains four fields: value, description, uuid and meta. +The values array contains one or more JSON objects which represent all the possible values in the galaxy. The JSON object contains four fields: value, description, uuid and meta. The value is represented as a string and **MUST** be present. The description is represented as a string and **SHOULD** be present. The meta or metadata is represented as a JSON list and **SHOULD** be present. The uuid represents the Universally Unique IDentifier (UUID) [@!RFC4122] of the value reference. The uuid **SHOULD** can be present and **MUST** be preserved. From b4e50946dce4001203a91ca9106c8b75aefb03a6 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Wed, 2 May 2018 08:47:32 +0200 Subject: [PATCH 4/6] forgotten bold --- misp-galaxy-format/raw.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp-galaxy-format/raw.md b/misp-galaxy-format/raw.md index 42a7b16..e91a90b 100644 --- a/misp-galaxy-format/raw.md +++ b/misp-galaxy-format/raw.md @@ -100,7 +100,7 @@ derivated_from, refs, synonyms **SHALL** be used to give further informations. r date, status **MAY** be used to give time information about an cluster. date is represented as a string describing a time or period and **SHALL** be present. status is represented as a string describing the current status of the clusters. It **MAY** also describe a time or period and **SHALL** be present. -colour fields MAY be used at predicates or values level to set a specify colour that MAY be used by the implementation. The colour field is described as an RGB colour fill in hexadecimal representation. +colour fields **MAY** be used at predicates or values level to set a specify colour that MAY be used by the implementation. The colour field is described as an RGB colour fill in hexadecimal representation. complexity, effectiveness, impact, possible_issues **MAY** be used to give further information in preventive-measure galaxy. complexity is represented by an enumerated value from a fixed vocabulary and **SHALL** be present. effectiveness is represented by an enumerated value from a fixed vocabulary and **SHALL** be present. impact is represented by an enumerated value from a fixed vocabulary and **SHALL** be present. possible_issues is represented as a string and **SHOULD** be present. From 18b955b76686b7fe2b127a91c3732a96132768f7 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Wed, 2 May 2018 08:48:47 +0200 Subject: [PATCH 5/6] forgotten bold bis --- misp-galaxy-format/raw.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp-galaxy-format/raw.md b/misp-galaxy-format/raw.md index e91a90b..6ad3b37 100644 --- a/misp-galaxy-format/raw.md +++ b/misp-galaxy-format/raw.md @@ -100,7 +100,7 @@ derivated_from, refs, synonyms **SHALL** be used to give further informations. r date, status **MAY** be used to give time information about an cluster. date is represented as a string describing a time or period and **SHALL** be present. status is represented as a string describing the current status of the clusters. It **MAY** also describe a time or period and **SHALL** be present. -colour fields **MAY** be used at predicates or values level to set a specify colour that MAY be used by the implementation. The colour field is described as an RGB colour fill in hexadecimal representation. +colour fields **MAY** be used at predicates or values level to set a specify colour that **MAY** be used by the implementation. The colour field is described as an RGB colour fill in hexadecimal representation. complexity, effectiveness, impact, possible_issues **MAY** be used to give further information in preventive-measure galaxy. complexity is represented by an enumerated value from a fixed vocabulary and **SHALL** be present. effectiveness is represented by an enumerated value from a fixed vocabulary and **SHALL** be present. impact is represented by an enumerated value from a fixed vocabulary and **SHALL** be present. possible_issues is represented as a string and **SHOULD** be present. From 43e86277b2f702850787e7f590aa3b150d28bd6e Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Wed, 2 May 2018 08:51:06 +0200 Subject: [PATCH 6/6] fix example --- misp-galaxy-format/raw.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misp-galaxy-format/raw.md b/misp-galaxy-format/raw.md index 6ad3b37..9a5eb84 100644 --- a/misp-galaxy-format/raw.md +++ b/misp-galaxy-format/raw.md @@ -181,7 +181,7 @@ Example use of the encryption, extensions, ransomnotes fields in the ransomware source-uuid, target-uuid **SHALL** be used to describe relationships. source-uuid and target-uuid represent the Universally Unique IDentifier (UUID) [@!RFC4122] of the value reference. source-uuid and target-uuid **MUST** be preserved. -Example use of the source-uuid, target-uuid fields in the mitre-entreprise-attack-relationship galaxy: +Example use of the source-uuid, target-uuid fields in the mitre-enterprise-attack-relationship galaxy: ~~~~ { "meta": { @@ -189,7 +189,7 @@ Example use of the source-uuid, target-uuid fields in the mitre-entreprise-attac "target-uuid": "2f1a9fd0-3b7c-4d77-a358-78db13adbe78" }, "uuid": "cfc7da70-d7c5-4508-8f50-1c3107269633", - "value": "menuPass uses EvilGrab" + "value": "menuPass (G0045) uses EvilGrab (S0152)" } ~~~~