MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

add: [type] taxonomy

pull/8/head
Alexandre Dulaunoy 2018-12-25 16:03:28 +01:00
parent 6609a3d63e
commit 57de6bdd54
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 154336 additions and 152112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

284
taxonomies.html
View File

@ -463,6 +463,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_csirt_case_classification">csirt_case_classification</a></li>
<li><a href="#_cssa">cssa</a></li>
<li><a href="#_cyber_threat_framework">cyber-threat-framework</a></li>
<li><a href="#_data_classification">data-classification</a></li>
<li><a href="#_ddos">ddos</a></li>
<li><a href="#_de_vs">de-vs</a></li>
<li><a href="#_dhs_ciip_sectors">dhs-ciip-sectors</a></li>
@ -523,6 +524,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_targeted_threat_index">targeted-threat-index</a></li>
<li><a href="#_tlp">tlp</a></li>
<li><a href="#_tor">tor</a></li>
<li><a href="#_type_5">type</a></li>
<li><a href="#_use_case_applicability">use-case-applicability</a></li>
<li><a href="#_veris">veris</a></li>
<li><a href="#_vocabulaire_des_probabilites_estimatives">vocabulaire-des-probabilites-estimatives</a></li>
@ -4738,6 +4740,101 @@ cyber-threat-framework namespace available in JSON format at <a href="https://gi
</div>
</div>
<div class="sect1">
<h2 id="_data_classification">data-classification</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
data-classification namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/data-classification/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Data classification for data potentially at risk of exfiltration based on table 2.1 of Solving Cyber Risk book.</p>
</div>
<div class="sect2">
<h3 id="_regulated_data">regulated-data</h3>
<div class="paragraph">
<p>Data which is regulated under a specific regulation or law such as PII, SPD, PCI or PHI.</p>
</div>
<div class="sect3">
<h4 id="_data_classificationregulated_data">data-classification:regulated-data</h4>
<div class="paragraph">
<p>Regulated data</p>
</div>
<div class="paragraph">
<p>Data which is regulated under a specific regulation or law such as PII, SPD, PCI or PHI.</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_commercially_confidential_information">commercially-confidential-information</h3>
<div class="paragraph">
<p>Data which represents a specific commercial value and is confidential to an organisation such as trade secrets, customer accounts.</p>
</div>
<div class="sect3">
<h4 id="_data_classificationcommercially_confidential_information">data-classification:commercially-confidential-information</h4>
<div class="paragraph">
<p>Commercially confidential information (CCI)</p>
</div>
<div class="paragraph">
<p>Data which represents a specific commercial value and is confidential to an organisation such as trade secrets, customer accounts.</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_financially_sensitive_information">financially-sensitive-information</h3>
<div class="paragraph">
<p>Data which represents a specific financial value to an organisation such as payroll, investment information.</p>
</div>
<div class="sect3">
<h4 id="_data_classificationfinancially_sensitive_information">data-classification:financially-sensitive-information</h4>
<div class="paragraph">
<p>Financially sensitive information (FSI)</p>
</div>
<div class="paragraph">
<p>Data which represents a specific financial value to an organisation such as payroll, investment information.</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_valuation_sensitive_information">valuation-sensitive-information</h3>
<div class="paragraph">
<p>Data which is sensitive to the valuation of an organisation such as inside information (as defined by a Financial Services Authority).</p>
</div>
<div class="sect3">
<h4 id="_data_classificationvaluation_sensitive_information">data-classification:valuation-sensitive-information</h4>
<div class="paragraph">
<p>Valuation sensitive information (VSI)</p>
</div>
<div class="paragraph">
<p>Data which is sensitive to the valuation of an organisation such as inside information (as defined by a Financial Services Authority).</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_sensitive_information">sensitive-information</h3>
<div class="paragraph">
<p>Data which is sensitive such as email or letters.</p>
</div>
<div class="sect3">
<h4 id="_data_classificationsensitive_information">data-classification:sensitive-information</h4>
<div class="paragraph">
<p>Sensitive information</p>
</div>
<div class="paragraph">
<p>Data which is sensitive such as email or letters.</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_ddos">ddos</h2>
<div class="sectionbody">
<div class="admonitionblock note">
@ -24059,6 +24156,191 @@ tor namespace available in JSON format at <a href="https://github.com/MISP/misp-
</div>
</div>
<div class="sect1">
<h2 id="_type_5">type</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
type namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/type/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Taxonomy to describe different types of intelligence gathering discipline which can be described the origin of intelligence.</p>
</div>
<div class="sect2">
<h3 id="_osint_2">OSINT</h3>
<div class="paragraph">
<p>gathered from open sources</p>
</div>
<div class="sect3">
<h4 id="_typeosint">type:OSINT</h4>
<div class="paragraph">
<p>Open Source Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from open sources</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_sigint">SIGINT</h3>
<div class="paragraph">
<p>gathered from interception of signals</p>
</div>
<div class="sect3">
<h4 id="_typesigint">type:SIGINT</h4>
<div class="paragraph">
<p>Signal Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from interception of signals</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_techint">TECHINT</h3>
<div class="paragraph">
<p>gathered from analysis of weapons and equipment used by the armed forces of foreign nations, or environmental conditions</p>
</div>
<div class="sect3">
<h4 id="_typetechint">type:TECHINT</h4>
<div class="paragraph">
<p>Technical Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from analysis of weapons and equipment used by the armed forces of foreign nations, or environmental conditions</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_cybint">CYBINT</h3>
<div class="paragraph">
<p>gathered from active or passive exploitation (CNE) in the cyberspace</p>
</div>
<div class="sect3">
<h4 id="_typecybint">type:CYBINT</h4>
<div class="paragraph">
<p>Cyberspace Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from active or passive exploitation (CNE) in the cyberspace</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_dnint">DNINT</h3>
<div class="paragraph">
<p>gathered from active or passive expoilation (CNE) in the digital network.</p>
</div>
<div class="sect3">
<h4 id="_typednint">type:DNINT</h4>
<div class="paragraph">
<p>Digital Network Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from active or passive expoilation (CNE) in the digital network.</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_humint">HUMINT</h3>
<div class="paragraph">
<p>gathered from a person in the location in question</p>
</div>
<div class="sect3">
<h4 id="_typehumint">type:HUMINT</h4>
<div class="paragraph">
<p>Human Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from a person in the location in question</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_medint">MEDINT</h3>
<div class="paragraph">
<p>gathered from analysis of medical records and/or actual physiological examinations to determine health and/or particular ailments/allergetic conditions for consideration</p>
</div>
<div class="sect3">
<h4 id="_typemedint">type:MEDINT</h4>
<div class="paragraph">
<p>Medical Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from analysis of medical records and/or actual physiological examinations to determine health and/or particular ailments/allergetic conditions for consideration</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_geoint">GEOINT</h3>
<div class="paragraph">
<p>gathered from satellite, aerial photography, mapping/terrain data</p>
</div>
<div class="sect3">
<h4 id="_typegeoint">type:GEOINT</h4>
<div class="paragraph">
<p>Geospatial Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from satellite, aerial photography, mapping/terrain data</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_imint">IMINT</h3>
<div class="paragraph">
<p>gathered from satellite and aerial photography</p>
</div>
<div class="sect3">
<h4 id="_typeimint">type:IMINT</h4>
<div class="paragraph">
<p>Imagery Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from satellite and aerial photography</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_masint">MASINT</h3>
<div class="paragraph">
<p>gathered from electro-optical, nuclear survey, geophysical measurements, radar, materials analysis</p>
</div>
<div class="sect3">
<h4 id="_typemasint">type:MASINT</h4>
<div class="paragraph">
<p>Measurement and signature intelligence</p>
</div>
<div class="paragraph">
<p>gathered from electro-optical, nuclear survey, geophysical measurements, radar, materials analysis</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_finint">FININT</h3>
<div class="paragraph">
<p>gathered from analysis of monetary or financial transactions</p>
</div>
<div class="sect3">
<h4 id="_typefinint">type:FININT</h4>
<div class="paragraph">
<p>Financial Intelligence</p>
</div>
<div class="paragraph">
<p>gathered from analysis of monetary or financial transactions</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_use_case_applicability">use-case-applicability</h2>
<div class="sectionbody">
<div class="admonitionblock note">
@ -37120,7 +37402,7 @@ workflow namespace available in JSON format at <a href="https://github.com/MISP/
</div>
<div id="footer">
<div id="footer-text">
Last updated 2018-12-22 14:58:42 CET
Last updated 2018-12-25 16:01:08 CET
</div>
</div>
</body>

306164
taxonomies.pdf
View File

File diff suppressed because it is too large Load Diff