misp-taxonomies/passivetotal/machinetag.json

87 lines
1.5 KiB
JSON

{
"namespace": "passivetotal",
"expanded": "PassiveTotal",
"description": "Tags from RiskIQ's PassiveTotal service",
"version": 1,
"predicates": [
{
"value": "sinkholed",
"expanded": "Sinkhole Status"
},
{
"value": "ever-comprimised",
"expanded": "Ever Comprimised?"
},
{
"value": "class",
"expanded": "Classification"
},
{
"value": "dynamic-dns",
"expanded": "Dynamic DNS"
}
],
"values": [
{
"predicate": "sinkholed",
"entry": [
{
"value": "yes",
"expanded": "Yes"
},
{
"value": "no",
"expanded": "No"
}
]
},
{
"predicate": "ever-comprimised",
"entry": [
{
"value": "yes",
"expanded": "Yes"
},
{
"value": "no",
"expanded": "No"
}
]
},
{
"predicate": "dynamic-dns",
"entry": [
{
"value": "yes",
"expanded": "Yes"
},
{
"value": "no",
"expanded": "No"
}
]
},
{
"predicate": "class",
"entry": [
{
"value": "malicious",
"expanded": "Malicious"
},
{
"value": "suspicious",
"expanded": "Malicious"
},
{
"value": "non-malicious",
"expanded": "Non Malicious"
},
{
"value": "unknown",
"expanded": "Unknown"
}
]
}
]
}