MISP
/
misp-taxonomies
mirror of https://github.com/MISP/misp-taxonomies
2
0
Fork 0
Code Issues Releases Wiki Activity
621 Commits
6 Branches
32 Tags
6.6 MiB
Commit Graph

621 Commits (68b3490d8b4a13e3ee60478c3859fc1f71828813)

Author SHA1 Message Date
Alexandre Dulaunoy f3b4f3541d
Merge pull request #93 from F3N0B1/patch-1 
eu-nis-sector-and-subsectors
 2018-03-17 21:00:59 +01:00
F3N0B1 24d9381846
Create eu-nis-sector-and-subsectors 
Taxonomy created that includes the sectors and sub sectors according to the NIS Directive. 
Adding the sub sectors allows creation of using more detailed tags. 
Content is strictly based on the directive requirements.
 2018-03-17 23:07:56 +11:00
Alexandre Dulaunoy f21f4bbb5f
fix: a typo to include numerical_value in the asciidoctor output 2018-03-16 12:01:23 +01:00
Alexandre Dulaunoy 11021d1e2b
add: priority-level added in MANIFEST 
After an incident is scored, it is assigned a priority level. The six levels listed below are aligned with NCCIC, DHS, and the CISS to help provide a common lexicon when discussing incidents. This priority assignment drives NCCIC urgency, pre-approved incident response offerings, reporting requirements, and recommendations for leadership escalation. Generally, incident priority distribution should follow a similar pattern to the graph below. Based on https://www.us-cert.gov/NCCIC-Cyber-Incident-Scoring-System.
 2018-03-16 11:43:05 +01:00
Alexandre Dulaunoy 5e5fad2206
add: new priority-level taxonomy based on NCCIC Cyber Incident Scoring System 2018-03-15 15:40:30 +01:00
Alexandre Dulaunoy cee6c9dc96
fix: add cryptojacking as proposed in #90 - CIRCL will do the update on 
their side too.
 2018-03-15 10:20:05 +01:00
Alexandre Dulaunoy 1b4cb19909
add: add missing galaxy in the case we need a large group of 
classification
 2018-03-05 09:00:17 +01:00
Alexandre Dulaunoy 512516eabe
fix: description are top-level of the namespace is different than 
description at lower levels.
 2018-02-18 12:37:45 +01:00
Alexandre Dulaunoy ffef98ad71
Cyber Threat Framework added in README 2018-02-18 12:17:00 +01:00
Alexandre Dulaunoy f63e845c4d
fix: version missing added in cyber-threat-framework 2018-02-18 12:14:18 +01:00
Alexandre Dulaunoy 63d2e12dde
Merge branch 'master' of github.com:MISP/misp-taxonomies 2018-02-18 12:10:10 +01:00
Alexandre Dulaunoy 1bcd3f6764
add: cyber-threat-framework taxonomy added 
Cyber Threat Framework was developed by the US Government to enable consistent characterization and categorization of cyber threat events, and to identify trends or changes in the activities of
 cyber adversaries.
 2018-02-18 12:08:56 +01:00
Raphaël Vinot 71d9ebb2da fix: Order of predicate (misp). 2018-02-07 11:05:15 +01:00
Raphaël Vinot a0b3a6a59f fix: Typos in predicate names (CERT-XLM & pentest). 2018-02-07 11:04:32 +01:00
Alexandre Dulaunoy 9740e61c50
Merge pull request #88 from yannw/patch-3 
Update machinetag.json
 2018-02-06 11:54:52 +01:00
yannw cd46e95472
Update machinetag.json 
added "please analyse sample" tag
 2018-02-06 11:24:21 +01:00
Alexandre Dulaunoy aa6af578f9
Merge pull request #85 from gianninou/master 
add pentext taxonomy
 2018-01-31 11:54:28 +01:00
Valentin Giannini 66e875419a add references for pentest taxonomy 2018-01-31 10:39:24 +01:00
Alexandre Dulaunoy 4a1095ad12
add: incident-disposition taxonomy 2018-01-30 11:17:49 +01:00
Alexandre Dulaunoy bb434d1a60
new: incident-disposition taxonomy added 2018-01-30 11:10:06 +01:00
Valentin Giannini 7f74277952 update namespace pentest 2018-01-29 09:33:14 +01:00
Valentin Giannini 4f0cc90915 add pentext taxonomy 2018-01-29 09:26:00 +01:00
Alexandre Dulaunoy 8363e549ba
Merge pull request #83 from gianninou/master 
Add CERT-XLM taxonomie
 2018-01-19 08:57:36 +01:00
Valentin Giannini f94a624934 add CERT-XLM on MANIFEST.json 2018-01-19 08:34:51 +01:00
Valentin Giannini 162c02e4f9 update CERT-XLM json 2018-01-19 08:32:34 +01:00
Valentin Giannini 8c576c2da8 add missing 2018-01-18 16:23:39 +01:00
Valentin Giannini 9a9da7e532 add CERT-XLM taxonomie 2018-01-18 15:07:06 +01:00
Alexandre Dulaunoy 947ef6d0e3
Merge pull request #81 from droe/master 
Set exclusive flag on misp:automation-level predicate
 2018-01-12 19:35:28 +01:00
Daniel Roethlisberger 2a3ee9ead6 Set exclusive flag on automation-level predicate 2018-01-12 16:55:49 +01:00
Alexandre Dulaunoy 72cba6bd92
Merge pull request #80 from droe/master 
Add automation-level predicate to misp taxonomy
 2018-01-12 16:45:13 +01:00
Daniel Roethlisberger 4f9f3decfe Bumping version to 6 2018-01-12 16:35:42 +01:00
Daniel Roethlisberger a2c8089aa3 Add automation-level to the list of predicate descriptions 2018-01-12 16:19:29 +01:00
Daniel Roethlisberger 13bed50071 Rename "automatic" to "unsupervised" after review with @amuehlem 2018-01-12 16:04:38 +01:00
Daniel Roethlisberger af3ba8ea50 add: New predicate misp:automation-level indicating whether an event or 
attribute was imported into MISP in a fully automatic fashion, was
reviewed by a human, or directly stems from manual analysis.

/cc @h122015
 2018-01-12 15:42:24 +01:00
Raphaël Vinot 2014d367c9 chg: Change predicate order to make PyTaxonomies happy 2018-01-04 17:38:08 +01:00
Alexandre Dulaunoy 47eba12569
add: new taxonomy added Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf 2018-01-03 14:00:56 +01:00
Alexandre Dulaunoy 23af924390
Merge pull request #79 from michael-hamm/master 
Honeypot basic taxonomy
 2018-01-03 13:55:41 +01:00
Michael Hamm 7a358b6d8f replace underscore with dash 2018-01-03 13:54:07 +01:00
Michael Hamm 6b4d248231 Role in Multi-tier Architecture added 2018-01-03 11:14:36 +01:00
Michael Hamm 90afc7121e communication-interface added 2018-01-03 11:09:06 +01:00
Michael Hamm 2c8ad8d4c0 Distribution Appearance added 2018-01-03 10:59:32 +01:00
Michael Hamm c60027f001 Containment added 2018-01-03 10:51:34 +01:00
Michael Hamm 1c15c48c3c Data Capture added 2018-01-03 10:40:19 +01:00
Michael Hamm 4a36d1b78f Honeypot basic taxonomy 2018-01-03 10:25:36 +01:00
Alexandre Dulaunoy db95d757a9
Fixed 2017-12-28 17:37:58 +01:00
Alexandre Dulaunoy 2c0657fd68
new taxonomy runtime-packer added 
Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other o
bfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.
 2017-12-28 17:36:51 +01:00
Alexandre Dulaunoy ecd5f9b72d
fix: misp tool added (misp2stix) to be used as label 2017-12-19 17:58:35 +01:00
Alexandre Dulaunoy ad237dd30a
Manifest updated 2017-12-11 12:09:53 +01:00
Alexandre Dulaunoy 3311cba0b6
workflow: review credibility added 2017-12-11 10:27:08 +01:00
Alexandre Dulaunoy 09391fd840
Perms changed 2017-12-10 16:31:06 +01:00