Merge branch 'ghost-main' into main

pull/207/head
Alexandre Dulaunoy 2021-03-25 11:48:00 +01:00
commit dab9a034d6
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
3 changed files with 73 additions and 0 deletions


@ -123,6 +123,11 @@
"name": "cssa",
"version": 8
},
{
"description": "Cyber Threat Intelligence cycle to control workflow state of your process.",
"name": "cti",
"version": 1
},
{
"description": "Current events - Schemes of Classification in Incident Response and Detection",
"name": "current-event",
@ -378,6 +383,11 @@
"name": "interception-method",
"version": 1
},
{
"description": "An IOC classification to facilitate automation of malicious and non malicious artifacts",
"name": "ioc",
"version": 1
},
{
"description": "Internet of Things taxonomy, based on IOT UK report https://iotuk.org.uk/wp-content/uploads/2017/01/IOT-Taxonomy-Report.pdf",
"name": "iot",

37
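--- /dev/null
+++ b/cti/machinetag.json
@@ -0,0 +1,37 @@
+{
+"namespace": "cti",
+"description": "Cyber Threat Intelligence cycle to control workflow state of your process.",
+"version": 1,
+"predicates": [
+{
+"value": "planning",
+"description": "CTI requirementes being generated.",
+"expanded": "Phase"
+},
+{
+"value": "collection",
+"description": "Data collection initiated.",
+"expanded": "Phase"
+},
+{
+"value": "processing-and-analysis",
+"description": "Data is being processed and analyzed",
+"expanded": "Phase"
+},
+{
+"value": "dissemination-done",
+"description": "CTI product created and delivered to stakeholders.",
+"expanded": "Phase"
+},
+{
+"value": "feedback-received",
+"description": "Feedback received by stakeholders.",
+"expanded": "Phase"
+},
+{
+"value": "feedback-pending",
+"description": "Feedback pending by stakeholders.",
+"expanded": "Phase"
+}
+]
+}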
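Review bot: All six entries in `predicates` carry the same `"expanded": "Phase"`, so wherever a consumer shows the expanded label instead of the raw value the workflow states presumably cannot be told apart. Each predicate should expand to its own name, for example `"expanded": "Planning"` for `planning` and `"expanded": "Feedback pending"` for `feedback-pending`. The first description also has a typo: `"CTI requirementes being generated."` should read `"CTI requirements being generated."`. The `processing-and-analysis` description is the only one without a trailing period.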

26
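--- /dev/null
+++ b/ioc/machinetag.json
@@ -0,0 +1,26 @@
+{
+"namespace": "ioc",
+"description": "An IOC classification to facilitate automation of malicious and non malicious artifacts",
+"version": 1,
+"predicates": [
+{
+"value": "artifact-state",
+"expanded": "Artifact State"
+}
+],
+"values": [
+{
+"predicate": "artifact state",
+"entry": [
+{
+"value": "malicious",
+"expanded": "Malicious"
+},
+{
+"value": "not-malicious",
+"expanded": "Not Malicious"
+}
+]
+}
+]
+}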
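Review bot: The `values` block names its predicate as `"predicate": "artifact state"` (with a space), but the only predicate declared above it is `"value": "artifact-state"`, so the `malicious` and `not-malicious` entries are likely not attached to any declared predicate. The line should read `"predicate": "artifact-state",`. The description says this taxonomy is meant to drive automation, so a mismatch here would presumably make consumers that match on `ioc:artifact-state="malicious"` miss the tag without any visible error. Neither the predicate nor the entries carry a `description`, unlike the cti taxonomy added in the same commit. A sentence stating whether `not-malicious` means verified benign or merely not yet flagged would keep automated allow/block decisions from resting on an ambiguous label.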