Merge branch 'master' of github.com:MISP/misp-taxonomies
commit
ee6754f45e
|
@ -1,11 +1,7 @@
|
||||||
{
|
{
|
||||||
"namespace": "analyst-assessment",
|
"namespace": "analyst-assessment",
|
||||||
"expanded": "Analyst (Self) Assessment",
|
"expanded": "Analyst (Self) Assessment",
|
||||||
"refs": [
|
"description": "A series of assessment predicates describing the analyst capabilities to perform analysis. These assessment can be assigned by the analyst him/herself or by another party evaluating the analyst.",
|
||||||
"http://www.foo.be/docs/intelligence/Tversky_Kahneman_1974.pdf",
|
|
||||||
"http://www.foo.be/docs/intelligence/PsychofIntelNew.pdf"
|
|
||||||
],
|
|
||||||
"description": "A series of assessment predicates describing the analyst capabilities to perform analysis or making judgments under a certain level of uncertainty. These assessment can be assigned by the analyst him/herself or by another party evaluating the analyst.",
|
|
||||||
"version": 1,
|
"version": 1,
|
||||||
"predicates": [
|
"predicates": [
|
||||||
{
|
{
|
||||||
|
@ -14,9 +10,34 @@
|
||||||
"description": "The analyst experience expressed in years range in the field tagged. The year range is based on a standard 40-hour work week."
|
"description": "The analyst experience expressed in years range in the field tagged. The year range is based on a standard 40-hour work week."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "alternative-points-of-view-process",
|
"value": "binary-reversing-arch",
|
||||||
"expanded": "Alternative points of view process",
|
"expanded": "Reversing arch",
|
||||||
"description": "A list of procedures or practices which describe alternative points of view to validate or rate an analysis. The list describes techniques or methods which could reinforce the estimative language in a human analysis and/or challenge the assumptions to reduce the potential bias of the analysis introduced by the analyst(s)."
|
"description": "Architecture that the analyst has experience with."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "binary-reversing-experience",
|
||||||
|
"expanded": "Reversing experience",
|
||||||
|
"description": "The analyst experience in reversing expressed in years range in the field tagged. The year range is based on a standard 40-hour work week."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "os",
|
||||||
|
"expanded": "Operating System",
|
||||||
|
"description": "Operating System that the analyst has experience with."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "web",
|
||||||
|
"expanded": "Web applications-related skills",
|
||||||
|
"description": "Web application vulnerabilities and technique that the analyst has experience with."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "web-experience",
|
||||||
|
"expanded": "Experience",
|
||||||
|
"description": "The analyst experience expressed to web application security in years range in the field tagged."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "crypto-experience",
|
||||||
|
"expanded": "Experience",
|
||||||
|
"description": "The analyst experience related to cryptography expressed in years range in the field tagged."
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"values": [
|
"values": [
|
||||||
|
@ -51,31 +72,159 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"predicate": "alternative-points-of-view-process",
|
"predicate": "binary-reversing-arch",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "analytic-debates-within-the-organisation",
|
"value": "x86",
|
||||||
"expanded": "analytic debates within the organisation"
|
"expanded": "x86-32 & x86-64"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "devils-advocates-methodology",
|
"value": "arm",
|
||||||
"expanded": "Devil's advocates methodlogy"
|
"expanded": "ARM & ARM-64"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "competitive-analysis",
|
"value": "mips",
|
||||||
"expanded": "competitive analysis"
|
"expanded": "mips & mips-64"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "interdisciplinary-brainstorming",
|
"value": "powerpc",
|
||||||
"expanded": "interdisciplinary brainstorming"
|
"expanded": "PowerPC"
|
||||||
|
}
|
||||||
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "intra-office-peer-review",
|
"predicate": "binary-reversing-experience",
|
||||||
"expanded": "intra-office peer review"
|
"entry": [
|
||||||
|
{
|
||||||
|
"numerical_value": 1,
|
||||||
|
"value": "less-than-1-year",
|
||||||
|
"expanded": "Less than 1 year"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "outside-expertise-review",
|
"numerical_value": 2,
|
||||||
"expanded": "Outside expertise review"
|
"value": "between-1-and-5-years",
|
||||||
|
"expanded": "Between 1 and 5 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 3,
|
||||||
|
"value": "between-5-and-10-years",
|
||||||
|
"expanded": "Between 5 and 10 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 4,
|
||||||
|
"value": "between-10-and-20-years",
|
||||||
|
"expanded": "Between 10 and 20 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 5,
|
||||||
|
"value": "more-than-20-years",
|
||||||
|
"expanded": "More than 20 years"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"predicate": "os",
|
||||||
|
"entry": [
|
||||||
|
{
|
||||||
|
"value": "windows",
|
||||||
|
"expanded": "Current Microsoft Windows system"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "linux",
|
||||||
|
"expanded": "GNU/linux derivative OS"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "ios",
|
||||||
|
"expanded": "Current IOS"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "macos",
|
||||||
|
"expanded": "Current Apple OS"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "android",
|
||||||
|
"expanded": "Current Android OS"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "bsd",
|
||||||
|
"expanded": "BSD"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"predicate": "web",
|
||||||
|
"entry": [
|
||||||
|
{
|
||||||
|
"value": "ipex",
|
||||||
|
"expanded": "Inter-protocol exploitations"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "common",
|
||||||
|
"expanded": "Common vulnerabilities as SQL injections, CSRF, XSS, CSP bypasses, etc."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "js-desobfuscation",
|
||||||
|
"expanded": "De-obfuscation of Javascript payloads"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"predicate": "web-experience",
|
||||||
|
"entry": [
|
||||||
|
{
|
||||||
|
"numerical_value": 1,
|
||||||
|
"value": "less-than-1-year",
|
||||||
|
"expanded": "Less than 1 year"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 2,
|
||||||
|
"value": "between-1-and-5-years",
|
||||||
|
"expanded": "Between 1 and 5 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 3,
|
||||||
|
"value": "between-5-and-10-years",
|
||||||
|
"expanded": "Between 5 and 10 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 4,
|
||||||
|
"value": "between-10-and-20-years",
|
||||||
|
"expanded": "Between 10 and 20 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 5,
|
||||||
|
"value": "more-than-20-years",
|
||||||
|
"expanded": "More than 20 years"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"predicate": "crypto-experience",
|
||||||
|
"entry": [
|
||||||
|
{
|
||||||
|
"numerical_value": 1,
|
||||||
|
"value": "less-than-1-year",
|
||||||
|
"expanded": "Less than 1 year"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 2,
|
||||||
|
"value": "between-1-and-5-years",
|
||||||
|
"expanded": "Between 1 and 5 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 3,
|
||||||
|
"value": "between-5-and-10-years",
|
||||||
|
"expanded": "Between 5 and 10 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 4,
|
||||||
|
"value": "between-10-and-20-years",
|
||||||
|
"expanded": "Between 10 and 20 years"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"numerical_value": 5,
|
||||||
|
"value": "more-than-20-years",
|
||||||
|
"expanded": "More than 20 years"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue