diff --git a/MANIFEST.json b/MANIFEST.json
index 6a2e848..865e0c4 100644
--- a/MANIFEST.json
+++ b/MANIFEST.json
@@ -256,7 +256,7 @@
 "description": "Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries."
 },
 {
- "version": 2,
+ "version": 4,
 "name": "honeypot-basic",
 "description": "Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf"
 },
@@ -360,5 +360,5 @@
 "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/",
 "description": "Manifest file of MISP taxonomies available.",
 "license": "CC-0",
- "version": "20180912"
+ "version": "20180924"
 }
diff --git a/honeypot-basic/machinetag.json b/honeypot-basic/machinetag.json
index 1471ffe..509ae0c 100644
--- a/honeypot-basic/machinetag.json
+++ b/honeypot-basic/machinetag.json
@@ -1,7 +1,7 @@
 {
 "namespace": "honeypot-basic",
- "description": "Updated from Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf",
- "version": 2,
+ "description": "Updated (CIRCL, Seamus Dowling and EURECOM) from Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf",
+ "version": 4,
 "predicates": [
 {
 "value": "interaction-level",
@@ -43,15 +43,25 @@
 "expanded": "High Interaction Level",
 "description": "Exposed functionality of the honeypot is not limited."
 },
+ {
+ "value": "medium",
+ "expanded": "Medium Interaction Level",
+ "description": "Exposed functionality of the honeypot is limited to the service without exposing the full operating system."
+ },
 {
 "value": "low",
 "expanded": "low Interaction Level",
- "description": "Exposed functionality being limited. For example, a simulated SSH server of a honeypot is not able to authenticate against a valid login/password combination"
+ "description": "Exposed functionality being limited. For example, a simulated SSH server of a honeypot is not able to authenticate against a valid login/password combination."
 },
 {
 "value": "none",
 "expanded": "No interaction capabilities",
 "description": "No exposed functionality in the honeypot."
+ },
+ {
+ "value": "adaptive",
+ "expanded": "Learns from attack interaction",
+ "description": "Learns from attack interaction"
 }
 ]
 },
diff --git a/workflow/machinetag.json b/workflow/machinetag.json
index ba9d068..7eac693 100644
--- a/workflow/machinetag.json
+++ b/workflow/machinetag.json
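Review bot: The new `adaptive` entry at the end of the `@@ -43,15 +43,25 @@` hunk in honeypot-basic/machinetag.json has a `description` that only repeats its `expanded` text ("Learns from attack interaction"), so whoever applies or consumes the tag gets no definition to work from. The sibling values visible in the hunk (high, medium, low, none) each say how much functionality is exposed, and the added `medium` entry follows that pattern; `adaptive` does not say what is exposed or how it relates to that scale. I would give it a real definition in the same terms, for example `"description": "Exposed functionality of the honeypot changes in response to the observed attacker interaction."`, with the wording confirmed against the cited sources. The value list these entries belong to opens outside the hunk.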
@@ -2,7 +2,7 @@
 "namespace": "workflow",
 "expanded": "workflow to support analysis",
 "description": "Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. ",
- "version": 4,
+ "version": 5,
 "predicates": [
 {
 "value": "todo",
@@ -25,7 +25,7 @@
 },
 {
 "value": "review",
- "expanded": "Additional review is required to reach a certain level of validation of the information tagged"
+ "expanded": "Additional review is required to reach a cert ain level of validation of the information tagged"
 },
 {
 "value": "review-before-publication",
@@ -69,7 +69,15 @@
 },
 {
 "value": "review-the-grammar",
- "expanded": "Review the grammar of the information tagged to improve the overall quality "
+ "expanded": "Review the grammar of the information tagged to improve the overall quality"
+ },
+ {
+ "value": "do-not-delete",
+ "expanded": "Element that should not be deleted (without asking)"
+ },
+ {
+ "value": "add-mitre-attack-cluster",
+ "expanded": "Describe cyber adversary behavior using MITRE ATT&CK"
 }
 ]
 },
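Review bot: The rewritten `expanded` string for the `review` value in the `@@ -25,7 +25,7 @@` hunk of workflow/machinetag.json reads "cert ain level", a stray space that the removed line did not have. This string is the human-readable label for the tag, so the line should go back to `"expanded": "Additional review is required to reach a certain level of validation of the information tagged"`. If the space comes from how this page was rendered rather than from the commit itself, nothing needs changing.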