Commit Graph

618 Commits (97df10ab9eb22352fa6edd62e3e0947805138a35)

Author SHA1 Message Date
Alexandre Dulaunoy 11021d1e2b
add: priority-level added in MANIFEST
After an incident is scored, it is assigned a priority level. The six levels listed below are aligned with NCCIC, DHS, and the CISS to help provide a common lexicon when discussing incidents. This priority assignment drives NCCIC urgency, pre-approved incident response offerings, reporting requirements, and recommendations for leadership escalation. Generally, incident priority distribution should follow a similar pattern to the graph below. Based on https://www.us-cert.gov/NCCIC-Cyber-Incident-Scoring-System.
2018-03-16 11:43:05 +01:00
Alexandre Dulaunoy 5e5fad2206
add: new priority-level taxonomy based on NCCIC Cyber Incident Scoring System 2018-03-15 15:40:30 +01:00
Alexandre Dulaunoy cee6c9dc96
fix: add cryptojacking as proposed in #90 - CIRCL will do the update on
their side too.
2018-03-15 10:20:05 +01:00
Alexandre Dulaunoy 1b4cb19909
add: add missing galaxy in the case we need a large group of
classification
2018-03-05 09:00:17 +01:00
Alexandre Dulaunoy 512516eabe
fix: description at top-level of the namespace is different than
description at lower levels.
2018-02-18 12:37:45 +01:00
Alexandre Dulaunoy ffef98ad71
Cyber Threat Framework added in README 2018-02-18 12:17:00 +01:00
Alexandre Dulaunoy f63e845c4d
fix: version missing added in cyber-threat-framework 2018-02-18 12:14:18 +01:00
Alexandre Dulaunoy 63d2e12dde
Merge branch 'master' of github.com:MISP/misp-taxonomies 2018-02-18 12:10:10 +01:00
Alexandre Dulaunoy 1bcd3f6764
add: cyber-threat-framework taxonomy added
Cyber Threat Framework was developed by the US Government to enable consistent characterization and categorization of cyber threat events, and to identify trends or changes in the activities of cyber adversaries.
2018-02-18 12:08:56 +01:00
Raphaël Vinot 71d9ebb2da fix: Order of predicate (misp). 2018-02-07 11:05:15 +01:00
Raphaël Vinot a0b3a6a59f fix: Typos in predicate names (CERT-XLM & pentest). 2018-02-07 11:04:32 +01:00
Alexandre Dulaunoy 9740e61c50
Merge pull request #88 from yannw/patch-3
Update machinetag.json
2018-02-06 11:54:52 +01:00
yannw cd46e95472
Update machinetag.json
added "please analyse sample" tag
2018-02-06 11:24:21 +01:00
Alexandre Dulaunoy aa6af578f9
Merge pull request #85 from gianninou/master
add pentext taxonomy
2018-01-31 11:54:28 +01:00
Valentin Giannini 66e875419a add references for pentest taxonomy 2018-01-31 10:39:24 +01:00
Alexandre Dulaunoy 4a1095ad12
add: incident-disposition taxonomy 2018-01-30 11:17:49 +01:00
Alexandre Dulaunoy bb434d1a60
new: incident-disposition taxonomy added 2018-01-30 11:10:06 +01:00
Valentin Giannini 7f74277952 update namespace pentest 2018-01-29 09:33:14 +01:00
Valentin Giannini 4f0cc90915 add pentext taxonomy 2018-01-29 09:26:00 +01:00
Alexandre Dulaunoy 8363e549ba
Merge pull request #83 from gianninou/master
Add CERT-XLM taxonomy
2018-01-19 08:57:36 +01:00
Valentin Giannini f94a624934 add CERT-XLM on MANIFEST.json 2018-01-19 08:34:51 +01:00
Valentin Giannini 162c02e4f9 update CERT-XLM json 2018-01-19 08:32:34 +01:00
Valentin Giannini 8c576c2da8 add missing 2018-01-18 16:23:39 +01:00
Valentin Giannini 9a9da7e532 add CERT-XLM taxonomy 2018-01-18 15:07:06 +01:00
Alexandre Dulaunoy 947ef6d0e3
Merge pull request #81 from droe/master
Set exclusive flag on misp:automation-level predicate
2018-01-12 19:35:28 +01:00
Daniel Roethlisberger 2a3ee9ead6 Set exclusive flag on automation-level predicate 2018-01-12 16:55:49 +01:00
Alexandre Dulaunoy 72cba6bd92
Merge pull request #80 from droe/master
Add automation-level predicate to misp taxonomy
2018-01-12 16:45:13 +01:00
Daniel Roethlisberger 4f9f3decfe Bumping version to 6 2018-01-12 16:35:42 +01:00
Daniel Roethlisberger a2c8089aa3 Add automation-level to the list of predicate descriptions 2018-01-12 16:19:29 +01:00
Daniel Roethlisberger 13bed50071 Rename "automatic" to "unsupervised" after review with @amuehlem 2018-01-12 16:04:38 +01:00
Daniel Roethlisberger af3ba8ea50 add: New predicate misp:automation-level indicating whether an event or
attribute was imported into MISP in a fully automatic fashion, was
reviewed by a human, or directly stems from manual analysis.

/cc @h122015
2018-01-12 15:42:24 +01:00
Raphaël Vinot 2014d367c9 chg: Change predicate order to make PyTaxonomies happy 2018-01-04 17:38:08 +01:00
Alexandre Dulaunoy 47eba12569
add: new taxonomy added Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf 2018-01-03 14:00:56 +01:00
Alexandre Dulaunoy 23af924390
Merge pull request #79 from michael-hamm/master
Honeypot basic taxonomy
2018-01-03 13:55:41 +01:00
Michael Hamm 7a358b6d8f replace underscore with dash 2018-01-03 13:54:07 +01:00
Michael Hamm 6b4d248231 Role in Multi-tier Architecture added 2018-01-03 11:14:36 +01:00
Michael Hamm 90afc7121e communication-interface added 2018-01-03 11:09:06 +01:00
Michael Hamm 2c8ad8d4c0 Distribution Appearance added 2018-01-03 10:59:32 +01:00
Michael Hamm c60027f001 Containment added 2018-01-03 10:51:34 +01:00
Michael Hamm 1c15c48c3c Data Capture added 2018-01-03 10:40:19 +01:00
Michael Hamm 4a36d1b78f Honeypot basic taxonomy 2018-01-03 10:25:36 +01:00
Alexandre Dulaunoy db95d757a9
Fixed 2017-12-28 17:37:58 +01:00
Alexandre Dulaunoy 2c0657fd68
new taxonomy runtime-packer added
Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscation mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packers used for legitimate use or for packing malicious binaries.
2017-12-28 17:36:51 +01:00
Alexandre Dulaunoy ecd5f9b72d
fix: misp tool added (misp2stix) to be used as label 2017-12-19 17:58:35 +01:00
Alexandre Dulaunoy ad237dd30a
Manifest updated 2017-12-11 12:09:53 +01:00
Alexandre Dulaunoy 3311cba0b6
workflow: review credibility added 2017-12-11 10:27:08 +01:00
Alexandre Dulaunoy 09391fd840
Perms changed 2017-12-10 16:31:06 +01:00
Alexandre Dulaunoy e1b80f064c
Perms changed 2017-12-10 16:30:03 +01:00
Alexandre Dulaunoy 1baaaa1ee1
add: Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. 2017-12-10 16:29:20 +01:00
Alexandre Dulaunoy 35f6fa7595
fix: exclusive flag added in documentation generation 2017-12-01 08:54:34 +01:00