Added: Collaborative intelligence support language is a common language to support analysts to
perform their analysis to get crowdsourced support when using threat intelligence sharing platform like MISP. The objective of this language is to advance collaborative analysis and to share earlier than later.pull/75/head
parent
6a6168b4a5
commit
e0b1437f4a
|
@ -0,0 +1,68 @@
|
||||||
|
{
|
||||||
|
"namespace": "collaborative-intelligence",
|
||||||
|
"expanded": "collaborative intelligence support language",
|
||||||
|
"description": "Collaborative intelligence support language is a common language to support analysts to perform their analysis to get crowdsourced support when using threat intelligence sharing platform like MISP. The objective of this language is to advance collaborative analysis and to share earlier than later.",
|
||||||
|
"version": 1,
|
||||||
|
"predicates": [
|
||||||
|
{
|
||||||
|
"value": "request",
|
||||||
|
"expanded": "Request",
|
||||||
|
"description": "Request predicate covers all the requests which can be done by analysts or organisations willing to get additional information to support their analysis."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"values": [
|
||||||
|
{
|
||||||
|
"predicate": "request",
|
||||||
|
"entry": [
|
||||||
|
{
|
||||||
|
"value": "sample",
|
||||||
|
"expanded": "Request a binary sample"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "deobfuscated-sample",
|
||||||
|
"expanded": "Request a deobfuscated sample of the shared sample"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "more-samples",
|
||||||
|
"expanded": "Request additional samples compared to the original analysis to build a competitive analysis on the reversing aspect"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "related-samples",
|
||||||
|
"expanded": "Request related samples required for further analysis"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "static-analysis",
|
||||||
|
"expanded": "Request additional static analysis or reversing on the information shared"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "context",
|
||||||
|
"expanded": "Request more contextual information"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "abuse-contact",
|
||||||
|
"expanded": "Request an abuse contact to report to"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "historical-information",
|
||||||
|
"expanded": "Request more historical information from"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "complementary-validation",
|
||||||
|
"expanded": "Request complementary validation"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "target-information",
|
||||||
|
"expanded": "Request about the target(s) including field of activities or companies"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "request-analysis",
|
||||||
|
"expanded": "Request further technical or tactical analysis"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "more-information",
|
||||||
|
"expanded": "Request for generic additional information"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
Loading…
Reference in New Issue