From e0b1437f4a73c341e8bf8eb34ebc66b20eca67b0 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Mon, 2 Oct 2017 11:53:33 +0200
Subject: [PATCH] Added: Collaborative intelligence support language is a
 common language to support analysts to perform their analysis to get
 crowdsourced support when using threat intelligence sharing platform like
 MISP. The objective of this language is to advance collaborative analysis and
 to share earlier than later.

---
 collaborative-intelligence/machinetag.json | 68 ++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 collaborative-intelligence/machinetag.json

diff --git a/collaborative-intelligence/machinetag.json b/collaborative-intelligence/machinetag.json
new file mode 100644
index 0000000..17b652d
--- /dev/null
+++ b/collaborative-intelligence/machinetag.json
@@ -0,0 +1,68 @@
+{
+  "namespace": "collaborative-intelligence",
+  "expanded": "collaborative intelligence support language",
+  "description": "Collaborative intelligence support language is a common language to support analysts to perform their analysis to get crowdsourced support when using threat intelligence sharing platform like MISP. The objective of this language is to advance collaborative analysis and to share earlier than later.",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "request",
+      "expanded": "Request",
+      "description": "Request predicate covers all the requests which can be done by analysts or organisations willing to get additional information to support their analysis."
+    }
+  ],
+  "values": [
+    {
+      "predicate": "request",
+      "entry": [
+        {
+          "value": "sample",
+          "expanded": "Request a binary sample"
+        },
+        {
+          "value": "deobfuscated-sample",
+          "expanded": "Request a deobfuscated sample of the shared sample"
+        },
+        {
+          "value": "more-samples",
+          "expanded": "Request additional samples compared to the original analysis to build a competitive analysis on the reversing aspect"
+        },
+        {
+          "value": "related-samples",
+          "expanded": "Request related samples required for further analysis"
+        },
+        {
+          "value": "static-analysis",
+          "expanded": "Request additional static analysis or reversing on the information shared"
+        },
+        {
+          "value": "context",
+          "expanded": "Request more contextual information"
+        },
+        {
+          "value": "abuse-contact",
+          "expanded": "Request an abuse contact to report to"
+        },
+        {
+          "value": "historical-information",
+          "expanded": "Request more historical information from"
+        },
+        {
+          "value": "complementary-validation",
+          "expanded": "Request complementary validation"
+        },
+        {
+          "value": "target-information",
+          "expanded": "Request about the target(s) including field of activities or companies"
+        },
+        {
+          "value": "request-analysis",
+          "expanded": "Request further technical or tactical analysis"
+        },
+        {
+          "value": "more-information",
+          "expanded": "Request for generic additional information"
+        }
+      ]
+    }
+  ]
+}