misp-taxonomies/collaborative-intelligence/machinetag.json

78 lines
2.7 KiB
JSON
Raw Permalink Normal View History

{
"namespace": "collaborative-intelligence",
"expanded": "collaborative intelligence support language",
"description": "Collaborative intelligence support language is a common language to support analysts to perform their analysis to get crowdsourced support when using threat intelligence sharing platform like MISP. The objective of this language is to advance collaborative analysis and to share earlier than later.",
"version": 3,
"predicates": [
{
"value": "request",
"expanded": "Request",
"description": "Request predicate covers all the requests which can be done by analysts or organisations willing to get additional information to support their analysis."
}
],
"values": [
{
"predicate": "request",
"entry": [
{
"value": "sample",
"expanded": "Request a binary sample"
},
{
"value": "extracted-malware-config",
"expanded": "Extracted malware config",
"description": "Request of the malware configuration extracted from the malware sample tagged."
},
{
"value": "deobfuscated-sample",
"expanded": "Request a deobfuscated sample of the shared sample"
},
{
"value": "more-samples",
"expanded": "Request additional samples compared to the original analysis to build a competitive analysis on the reversing aspect"
},
{
"value": "related-samples",
"expanded": "Request related samples required for further analysis"
},
{
"value": "static-analysis",
"expanded": "Request additional static analysis or reversing on the information shared"
},
2017-10-06 07:53:32 +02:00
{
"value": "detection-signature",
"expanded": "Request detection signature from"
},
{
"value": "context",
"expanded": "Request more contextual information"
},
{
"value": "abuse-contact",
"expanded": "Request an abuse contact to report to"
},
{
"value": "historical-information",
"expanded": "Request more historical information from"
},
{
"value": "complementary-validation",
"expanded": "Request complementary validation"
},
{
"value": "target-information",
"expanded": "Request about the target(s) including field of activities or companies"
},
{
"value": "request-analysis",
"expanded": "Request further technical or tactical analysis"
},
{
"value": "more-information",
"expanded": "Request for generic additional information"
}
]
}
]
}