Re: [cti-cybox] Credential Dump Object

["Kirillov, Ivan A." <ikirillov@mitre.org>]

That’s correct – I don’t think we had enough discussion around this Object to really determine where it fits into the existing set, and thus marked it as non-MVP. Also, it’s worth pointing out that everything currently in the playground doc is non-MVP but may be implemented in later release.

 

Regards,

Ivan

 

From: <cti-cybox@lists.oasis-open.org> on behalf of Terry MacDonald <terry.macdonald@cosive.com>
Date: Tuesday, August 2, 2016 at 2:12 PM
To: Jeffrey CIV DC3/DCCI Mates <Jeffrey.Mates@dc3.mil>
Cc: "cti-cybox@lists.oasis-open.org" <cti-cybox@lists.oasis-open.org>
Subject: Re: [cti-cybox] Credential Dump Object

 

It was an attempt to provide a way of putting a whole heap of compromised credential together in a single object for remediation.

It was pointed that we could leverage the account object within this object which would make more sense, but I never did the update to show that as people thought we couldn't include credential dump information without us first supporting encryption.

Cheers
Terry MacDonald
Cosive

 

On 3/08/2016 1:59 AM, "Mates, Jeffrey CIV DC3\DCCI" <Jeffrey.Mates@dc3.mil> wrote:

I was going through the playground and noticed the credential dump object.
It seems like all of the information stored in here is or should be part of
the Account object already.  Is there a reason that it was split off from
the Account Object?

Jeffrey Mates, Civ DC3/DCCI
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computer Scientist
Defense Cyber Crime Institute
jeffrey.mates@dc3.mil
410-694-4335