From 14cf779bf348adbe29926b2527f0a8d394515fa2 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sun, 29 Jan 2017 14:34:42 +0100
Subject: [PATCH] Diamond model added to the README and MANIFEST

---
 MANIFEST.json | 7 ++++++-
 README.md     | 6 ++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/MANIFEST.json b/MANIFEST.json
index 3715d85..1520051 100644
--- a/MANIFEST.json
+++ b/MANIFEST.json
@@ -1,5 +1,5 @@
 {
-  "version": "20170108",
+  "version": "20170129",
   "license": "CC-0",
   "description": "Manifest file of MISP taxonomies available.",
   "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/",
@@ -35,6 +35,11 @@
       "name": "dhs-ciip-sectors",
       "version": 2
     },
+    {
+      "description": "The Diamond Model for Intrusion Analysis, a phase-based model developed by Lockheed Martin, aims to help categorise and identify the stage of an attack.",
+      "name": "diamond-model",
+      "version": 1
+    },
     {
       "description": "ISM (Information Security Marking Metadata) V13 as described by DNI.gov (Director of National Intelligence - US).",
       "name": "dni-ism",
diff --git a/README.md b/README.md
index 1aed8d6..c7f23e9 100644
--- a/README.md
+++ b/README.md
@@ -16,6 +16,7 @@ The following taxonomies are described:
 - [Cyber Kill Chain](./kill-chain) from Lockheed Martin
 - DE German (DE) [Government classification markings (VS)](./de-vs)
 - [DHS CIIP Sectors](./dhs-ciip-sectors)
+- [Diamond Model for Intrusion Analysis](./diamond-model)
 - [Domain Name Abuse](./domain-abuse)
 - [eCSIRT](./ecsirt) and IntelMQ incident classification
 - [ENISA](./enisa) ENISA Threat Taxonomy
@@ -64,6 +65,11 @@ Taxonomy for the handling of protectively marked information in MISP with German
 
 DHS critical sectors as described in https://www.dhs.gov/critical-infrastructure-sectors.
 
+### [Diamond Model for Intrusion Analysis](./diamond-model)
+
+The Diamond Model for Intrusion Analysis, a phase-based model developed by Lockheed Martin, aims to help categorise and identify the stage of an attack
+as described in [http://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf](http://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf).
+
 ### [Domain Name Abuse](./domain-abuse)
 
 Taxonomy to tag domain names used for cybercrime.