chg: [doc] README updated
parent
146b031357
commit
ffcf1e309d
21
README.md
21
README.md
|
@ -10,6 +10,8 @@ Taxonomies that can be used in [MISP](https://github.com/MISP/MISP) (2.4) and ot
|
||||||
|
|
||||||
The following taxonomies can be used in MISP (as local or distributed tags) or in other tools and software willing to share common taxonomies among security information sharing tools.
|
The following taxonomies can be used in MISP (as local or distributed tags) or in other tools and software willing to share common taxonomies among security information sharing tools.
|
||||||
|
|
||||||
|
## List of available taxonomies
|
||||||
|
|
||||||
### CERT-XLM
|
### CERT-XLM
|
||||||
|
|
||||||
[CERT-XLM](https://github.com/MISP/misp-taxonomies/tree/main/CERT-XLM) :
|
[CERT-XLM](https://github.com/MISP/misp-taxonomies/tree/main/CERT-XLM) :
|
||||||
|
@ -30,11 +32,6 @@ The Detection Maturity Level (DML) model is a capability maturity model for refe
|
||||||
[PAP](https://github.com/MISP/misp-taxonomies/tree/main/PAP) :
|
[PAP](https://github.com/MISP/misp-taxonomies/tree/main/PAP) :
|
||||||
The Permissible Actions Protocol - or short: PAP - was designed to indicate how the received information can be used. [Overview](https://www.misp-project.org/taxonomies.html#_PAP)
|
The Permissible Actions Protocol - or short: PAP - was designed to indicate how the received information can be used. [Overview](https://www.misp-project.org/taxonomies.html#_PAP)
|
||||||
|
|
||||||
### ThreatMatch
|
|
||||||
|
|
||||||
[ThreatMatch](https://github.com/MISP/misp-taxonomies/tree/main/ThreatMatch) :
|
|
||||||
The ThreatMatch Sectors, Incident types, Malware types and Alert types are applicable for any ThreatMatch instances and should be used for all CIISI and TIBER Projects. [Overview](https://www.misp-project.org/taxonomies.html#_ThreatMatch)
|
|
||||||
|
|
||||||
### access-method
|
### access-method
|
||||||
|
|
||||||
[access-method](https://github.com/MISP/misp-taxonomies/tree/main/access-method) :
|
[access-method](https://github.com/MISP/misp-taxonomies/tree/main/access-method) :
|
||||||
|
@ -203,7 +200,7 @@ A subset of Information Security Marking Metadata ISM as required by Executive O
|
||||||
### domain-abuse
|
### domain-abuse
|
||||||
|
|
||||||
[domain-abuse](https://github.com/MISP/misp-taxonomies/tree/main/domain-abuse) :
|
[domain-abuse](https://github.com/MISP/misp-taxonomies/tree/main/domain-abuse) :
|
||||||
Domain Name Abuse - taxonomy to tag domain names used for cybercrime. Use europol-incident to tag abuse-activity [Overview](https://www.misp-project.org/taxonomies.html#_domain_abuse)
|
Domain Name Abuse - taxonomy to tag domain names used for cybercrime. [Overview](https://www.misp-project.org/taxonomies.html#_domain_abuse)
|
||||||
|
|
||||||
### drugs
|
### drugs
|
||||||
|
|
||||||
|
@ -570,10 +567,15 @@ TTPs are representations of the behavior or modus operandi of cyber adversaries.
|
||||||
[targeted-threat-index](https://github.com/MISP/misp-taxonomies/tree/main/targeted-threat-index) :
|
[targeted-threat-index](https://github.com/MISP/misp-taxonomies/tree/main/targeted-threat-index) :
|
||||||
The Targeted Threat Index is a metric for assigning an overall threat ranking score to email messages that deliver malware to a victim’s computer. The TTI metric was first introduced at SecTor 2013 by Seth Hardy as part of the talk “RATastrophe: Monitoring a Malware Menagerie” along with Katie Kleemola and Greg Wiseman. [Overview](https://www.misp-project.org/taxonomies.html#_targeted_threat_index)
|
The Targeted Threat Index is a metric for assigning an overall threat ranking score to email messages that deliver malware to a victim’s computer. The TTI metric was first introduced at SecTor 2013 by Seth Hardy as part of the talk “RATastrophe: Monitoring a Malware Menagerie” along with Katie Kleemola and Greg Wiseman. [Overview](https://www.misp-project.org/taxonomies.html#_targeted_threat_index)
|
||||||
|
|
||||||
### thales-group-taxonomy
|
### thales_group
|
||||||
|
|
||||||
[thales-group-taxonomy](https://github.com/MISP/misp-taxonomies/tree/main/thales-group-taxonomy) :
|
[thales_group](https://github.com/MISP/misp-taxonomies/tree/main/thales_group) :
|
||||||
This taxonomy was designed with the aim of enabling desired sharing and preventing unwanted sharing between Thales Group security communities.
|
Thales Group Taxonomy - was designed with the aim of enabling desired sharing and preventing unwanted sharing between Thales Group security communities. [Overview](https://www.misp-project.org/taxonomies.html#_thales_group)
|
||||||
|
|
||||||
|
### threatmatch
|
||||||
|
|
||||||
|
[threatmatch](https://github.com/MISP/misp-taxonomies/tree/main/threatmatch) :
|
||||||
|
The ThreatMatch Sectors, Incident types, Malware types and Alert types are applicable for any ThreatMatch instances and should be used for all CIISI and TIBER Projects. [Overview](https://www.misp-project.org/taxonomies.html#_threatmatch)
|
||||||
|
|
||||||
### threats-to-dns
|
### threats-to-dns
|
||||||
|
|
||||||
|
@ -625,7 +627,6 @@ Ce vocabulaire attribue des valeurs en pourcentage à certains énoncés de prob
|
||||||
[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
|
[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
|
||||||
Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
|
Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
|
||||||
|
|
||||||
|
|
||||||
# Reserved Taxonomy
|
# Reserved Taxonomy
|
||||||
|
|
||||||
The following taxonomy namespaces are reserved and used internally to MISP.
|
The following taxonomy namespaces are reserved and used internally to MISP.
|
||||||
|
|
Loading…
Reference in New Issue