Commit Graph

187 Commits (7258275fc0eaca278c8c111893754840c52d3845)

Author SHA1 Message Date
Raphaël Vinot e7df5c2e66 Merge branch 'master' of github.com:MISP/misp-taxonomies 2019-11-19 10:59:38 +01:00
Raphaël Vinot 4d59a1da92 new: Add mwdb taxonomy 2019-11-19 10:56:30 +01:00
Alexandre Dulaunoy e429c559d9
chg: [MANIFEST] updated 2019-11-18 10:25:26 +01:00
Alexandre Dulaunoy d0e03885fa
chg: [MANIFEST] updated 2019-11-16 09:00:37 +01:00
Alexandre Dulaunoy 336ceabf31
chg: [false-positive] missing expanded 2019-11-07 13:48:14 +01:00
Alexandre Dulaunoy 68d49d9bc5
chg: [IOT] Data Sharing Level is now exclusive 2019-11-06 08:58:59 +01:00
Alexandre Dulaunoy 854f33e770
chg: [MANIFEST] newline is the king of the castle 2019-11-05 15:26:20 +01:00
mokaddem a7bba2caeb fix: [tool] Write in utf8 2019-11-05 15:13:41 +01:00
Alexandre Dulaunoy cf20bb8e0d
chg: [MANIFEST] update 2019-11-05 14:44:18 +01:00
mokaddem 4e21962961 new: Added Manifest and Markdown generators 2019-11-05 12:00:28 +01:00
Deborah Servili b9e08931a5
jq 2019-10-30 13:26:06 +01:00
Deborah Servili dab1449212
Update MANIFEST.json 2019-10-30 13:19:18 +01:00
root 0ad8d73b9c <Risk Management> 2019-10-24 14:30:10 +02:00
root 2e3d3c466f <comit> 2019-10-24 14:10:45 +02:00
Nedfire23 a2ba83430d
Merge branch 'master' into master 2019-10-24 13:30:59 +02:00
root f0410bd97f <GEA-Directory> 2019-10-24 13:10:36 +02:00
Alexandre Dulaunoy 47a4080c14
chg: [coa] typo fixed for deceive 2019-10-23 11:43:35 +02:00
Alexandre Dulaunoy 81179ad7c3
chg: [MANIFEST] jq all the things 2019-10-23 11:18:57 +02:00
Alexandre Dulaunoy 4f673c758c
Merge branch 'master' of https://github.com/yannw/misp-taxonomies into yannw-master 2019-10-23 11:18:24 +02:00
yannw 6714b04f01
Update MANIFEST.json 2019-10-22 03:13:08 +02:00
Alexandre Dulaunoy 9a205bbf41
chg: [MANIFEST] updated to the latest version 2019-10-18 14:38:33 +02:00
Alexandre Dulaunoy 33e55b6db3
Merge branch 'master' of github.com:MISP/misp-taxonomies 2019-09-09 09:53:06 +02:00
Alexandre Dulaunoy 025497be51
chg: [MANIFEST] updated to the latest version 2019-09-09 09:52:29 +02:00
Dennis Rand 5e52a0aee3 Added Course of Action
A Course Of Action analysis considers six potential courses of action for the development of a cyber security capability.
2019-09-05 20:38:24 +02:00
Alexandre Dulaunoy e726c1a8c0
chg: [collaborative-intelligence] request malware config added
Following feedback during a workshop session at a bank.
2019-09-03 15:53:04 +02:00
Alexandre Dulaunoy 306a22836b
chg: [false-positive] reorder the logic behind the numerical_value (to be consistent with the decaying model) 2019-08-27 08:18:48 +02:00
Alexandre Dulaunoy 022562ec89
chg: [MANIFEST] updated targeted-threat-index 2019-08-27 08:16:55 +02:00
Alexandre Dulaunoy b722672554
new: [ics] FIRST.ORG CTI SIG - MISP Proposal for ICS/OT Threat Attribution (IOC) Project (WiP) 2019-08-26 14:50:09 +02:00
Alexandre Dulaunoy f9d4fa09d3
chg: [MANIFEST] phishing taxonomy updated 2019-08-22 15:54:39 +02:00
Alexandre Dulaunoy 59a5e4610b
chg: [MANIFEST] phishing taxonomy added 2019-08-20 15:41:10 +02:00
Raphaël Vinot 86e83ecab5 fix: Broken json 2019-07-23 18:33:25 +02:00
Raphaël Vinot 9e1059eb45 chg: Bump Manifest 2019-07-23 18:30:35 +02:00
Alexandre Dulaunoy 1da9c71de1
new: [csirt-americas] taxonomy updated 2019-07-05 07:26:02 +02:00
Alexandre Dulaunoy 94ec6b6bfa
chg: [all] Sami request to have "numerical values" for the decaying indicators project 2019-06-25 12:38:47 +02:00
Alexandre Dulaunoy 00c06dc0de
new: [threats-to-dns] New taxonomy threats to DNS
An overview of some of the known attacks related to DNS as described by Torabi, S., Boukhtouta, A., Assi, C., & Debbabi, M. (2018) in Detecting Internet Abuse by Analyzing
Passive DNS Traffic: A Survey of Implemented Systems. IEEE Communications Surveys & Tutorials, 1–1. doi:10.1109/comst.2018.2849614

As seen during FIRSTCON19
2019-06-21 08:58:14 +02:00
Alexandre Dulaunoy 8650ff0c05
chg: [dark-web] taxonomy version updated 2019-06-17 09:09:43 +02:00
Alexandre Dulaunoy ee8a67f111
chg: [darkweb] updated to the latest version 2019-06-14 20:37:40 +02:00
Alexandre Dulaunoy 7675d98902
chg: [MANIFEST] retention taxonomy added 2019-05-21 13:34:46 +02:00
Alexandre Dulaunoy 46b8c68cda
add: [dark-web] Criminal motivation on the dark web: A categorisation model for law enforcement
Ref:

Criminal motivation on the dark web: A categorisation model for law
enforcement
Janis Dalins, Campbell Wilson, Mark Carman
2019-05-17 16:33:22 +02:00
Alexandre Dulaunoy 4092752c2e
chg: [MANIFEST] ransomware added in the manifest 2019-04-10 12:59:38 +02:00
Alexandre Dulaunoy 61a9b812ce
chg: [MANIFEST] fix the EUCI description 2019-04-08 10:29:52 +02:00
Alexandre Dulaunoy 7697111df5
chg: [common-taxonomy] version fixed 2019-04-07 21:31:45 +02:00
Alexandre Dulaunoy 4106e8591e
chg: [MANIFEST] common-taxonomy added 2019-04-07 21:22:18 +02:00
Raphaël Vinot 2c9b98a5a6 Merge branch 'master' of github.com:MISP/misp-taxonomies 2019-04-01 13:16:42 +02:00
Raphaël Vinot df1519a4b5 Add drugs taxonomy.
Initial source: https://github.com/HTasselli/taxonomy_drugs
2019-04-01 13:16:03 +02:00
Alexandre Dulaunoy 6798f9580e
chg: [dcso-sharing] fixing the path 2019-03-25 20:30:18 +01:00
Mezz 9704a7fced DCSO Sharing Taxonomy added 2019-03-25 13:38:21 +01:00
Alexandre Dulaunoy 78b15772a0
new: [flesch-reading-ease] Flesch Reading Ease is a revised system for determining the comprehension difficulty of written material. The scoring of the Flesch score can have a maximum of 121.22 and there is no limit on how low a score can be (negative scores are valid). 2019-03-16 10:28:27 +01:00
Alexandre Dulaunoy bb9cf757ed
chg: [MANIFEST] updated to the latest version 2019-02-27 07:31:06 +01:00
Alexandre Dulaunoy 8b57a1bf14
chg: [MANIFEST] updated for the exercise taxonomy 2019-02-25 16:40:30 +01:00
Alexandre Dulaunoy 4c995a260c
chg: [MANIFEST] fixed 2019-02-01 18:44:15 +01:00
Alexandre Dulaunoy 95c64af67f
new: [information-security-data-source] add new taxonomy 2019-01-07 21:51:30 +01:00
Alexandre Dulaunoy c2292fca97
add: [type] Taxonomy to describe different types of intelligence gathering discipline which can be described the origin of intelligence.
This taxonomy has been created for various reasons:

 - For the past years, we have seen a recurring tag called "type:osint"
   actively used by various sharing communities.
 - The Intelligence Community is actively using the information
   gathering classification.

So we basically merged in the type namespace which has the advantage
to keep the old free tag "type:osint" valid and get a more consistent approach
for the overall classification used in information gathering in IC.
2018-12-25 15:55:11 +01:00
Alexandre Dulaunoy 480a382fc3
add: [data-classification] Data classification for data potentially at risk of exfiltration based on table 2.1 of Solving Cyber Risk book. 2018-12-22 20:07:35 +01:00
Alexandre Dulaunoy 1718838f11
chg: [economical-scale] updated to the latest version 2018-12-22 14:57:41 +01:00
Raphaël Vinot e1fa26c93b chg: Update MANIFEST file 2018-12-11 15:56:15 +01:00
Alexandre Dulaunoy eacd965304
chg: [MANIFEST] updated descriptions 2018-11-27 09:05:51 +01:00
Alexandre Dulaunoy 40cfb8ae15
chg: description improved of the accessnow and action-taken taxonomies 2018-11-27 08:53:26 +01:00
Alexandre Dulaunoy ebd200db1c
chg: [exercise] NATO exercise added 2018-11-07 14:07:24 +01:00
Alexandre Dulaunoy 636a8938f4
chg: cyber-exercise is now less cyber cyber cyber 2018-11-07 10:10:30 +01:00
Alexandre Dulaunoy 7b6e816ff3
chg: [MANIFEST] Cyber exercise is a taxonomy to describe if the information is part of one or more cyber or crisis exercise added 2018-11-07 09:48:23 +01:00
Alexandre Dulaunoy ccac43687f
chg: [event-classification] event-classification renamed + description updated 2018-11-06 11:14:43 +01:00
Michael Hamm 096470664b Move RTIR Event Classification to Generic Event Classification 2018-11-06 10:15:45 +01:00
Michael Hamm 2be3f59296 Fix Manifest 2018-11-06 10:11:22 +01:00
iglocska 7149fd9099 Merge branch 'master' of github.com:MISP/misp-taxonomies 2018-10-30 12:20:59 +01:00
iglocska 49ff4ff5a8 new: added gsma-fraud taxonomy 2018-10-30 12:19:45 +01:00
Alexandre Dulaunoy bcd037d581
chg: [MANIFEST] updated with gsma-network-technology 2018-10-30 11:39:50 +01:00
Alexandre Dulaunoy ce7532bd4f
fix: [gsma-attack-category] added in the manifest 2018-10-30 11:20:38 +01:00
Raphaël Vinot c63bc2e687 new: CCCS taxonomies, first batch 2018-10-24 15:38:41 -04:00
raw-data 7630b40351
Update MANIFEST.json 2018-09-30 15:28:29 +01:00
raw-data eeed4adf00 [add] new file-type taxonomy + version bump 2018-09-30 15:07:48 +01:00
Alexandre Dulaunoy f67d13ae65
chg: [manifest] updated to the latest revision 2018-09-24 15:48:41 +02:00
Alexandre Dulaunoy 7f36c65c54
chg: [monarc-threat] taxonomy added 2018-09-12 09:31:11 +02:00
Alexandre Dulaunoy b7ebd32485
chg: [honeypot-simple] updated to the new version 2018-08-31 07:20:46 +02:00
Alexandre Dulaunoy 8481f0eddc
chg: ifx-vetting added 2018-08-07 15:04:31 +02:00
Alexandre Dulaunoy 4b1c62d297
chg: [nis] NIS taxonomy added to the Manifest 2018-07-18 21:59:52 +02:00
Alexandre Dulaunoy 6424d797e5
rsit should be lower-case 2018-07-12 15:04:09 +02:00
Alexandre Dulaunoy 73818530a6
Manifest fixed with proper name 2018-07-12 15:00:06 +02:00
Alexandre Dulaunoy 49f4c9d435
new: [rsit] Reference Security Incident Classification Taxonomy added
thanks to ENISA @amicaross @aaronkaplan
2018-07-12 14:30:01 +02:00
Raphaël Vinot ca76147d73 new: False positive taxonomy 2018-07-06 17:38:59 +02:00
Alexandre Dulaunoy df2eb92d52
add: [WiP] Threat taxonomy in the scope of securing smart airports by ENISA. 2018-06-14 22:39:13 +02:00
Alexandre Dulaunoy 51e0cd38f7
fix: MAEC namespace added 2018-05-25 11:24:43 +02:00
Alexandre Dulaunoy 63ac557ad1
add: The COPINE Scale is a rating system created in Ireland and used in the United Kingdom to categorise the severity of images of child sex abuse. 2018-05-22 00:53:13 +02:00
Alexandre Dulaunoy 873ae71ba9
add: A taxonomy describing information leaks and especially information classified as being potentially leaked. 2018-05-15 08:24:53 +02:00
Alexandre Dulaunoy 47e838bea3
MANIFEST file updated for fpf and gdpr taxonomy 2018-05-02 17:46:16 +02:00
Alexandre Dulaunoy 132b8baf74
add: Economical impact is a taxonomy to describe the financial impact as positive or negative gain to the tagged information. 2018-04-24 10:24:43 +02:00
Alexandre Dulaunoy 3f93daa066
add: Expressing Confidence In Analytic Judgments 2018-04-08 20:49:23 +02:00
Alexandre Dulaunoy 4996ebb4a2
fix: MANIFEST updated 2018-03-17 21:12:42 +01:00
Alexandre Dulaunoy 11021d1e2b
add: priority-level added in MANIFEST
After an incident is scored, it is assigned a priority level. The six levels listed below are aligned with NCCIC, DHS, and the CISS to help provide a common lexicon when discussing incidents. This priority assignment drives NCCIC urgency, pre-approved incident response offerings, reporting requirements, and recommendations for leadership escalation. Generally, incident priority distribution should follow a similar pattern to the graph below. Based on https://www.us-cert.gov/NCCIC-Cyber-Incident-Scoring-System.
2018-03-16 11:43:05 +01:00
Alexandre Dulaunoy 1bcd3f6764
add: cyber-threat-framework taxonomy added
Cyber Threat Framework was developed by the US Government to enable consistent characterization and categorization of cyber threat events, and to identify trends or changes in the activities of cyber adversaries.
2018-02-18 12:08:56 +01:00
Alexandre Dulaunoy aa6af578f9
Merge pull request #85 from gianninou/master
add pentext taxonomy
2018-01-31 11:54:28 +01:00
Alexandre Dulaunoy 4a1095ad12
add: incident-disposition taxonomy 2018-01-30 11:17:49 +01:00
Valentin Giannini 4f0cc90915 add pentext taxonomy 2018-01-29 09:26:00 +01:00
Valentin Giannini f94a624934 add CERT-XLM on MANIFEST.json 2018-01-19 08:34:51 +01:00
Alexandre Dulaunoy 47eba12569
add: new taxonomy added Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf 2018-01-03 14:00:56 +01:00
Alexandre Dulaunoy 2c0657fd68
new taxonomy runtime-packer added
Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscation mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packers used for legitimate use or for packing malicious binaries.
2017-12-28 17:36:51 +01:00
Alexandre Dulaunoy ecd5f9b72d
fix: misp tool added (misp2stix) to be used as label 2017-12-19 17:58:35 +01:00
Alexandre Dulaunoy ad237dd30a
Manifest updated 2017-12-11 12:09:53 +01:00
Alexandre Dulaunoy 09391fd840
Perms changed 2017-12-10 16:31:06 +01:00
Alexandre Dulaunoy 1baaaa1ee1
add: Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. 2017-12-10 16:29:20 +01:00