[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-comment] Document review for stix-v2.0-csprd01-part2-stix-objects.docx
Ozgur, We have received your comments on STIX 2.0 CSPRD02 below. Thanks for your feedback! The TC maintains a log of all comments received on its work here: https://docs.google.com/spreadsheets/d/1YOPONeKzc6Uu1A1MS3WkICG26LKLQOWdr-KBDzM8K6Y/edit#gid=5055878.
Your comments have been added as comments 5 and 6. When the public review period is over, the TC will consider all comments and note the resolutions in the log. Again, thank you for your comment and please feel free to send along additional observations. Sarah Kelley STIX SC Co-Chair Sarah Kelley Senior Cyber Threat Analyst Multi-State Information Sharing and Analysis Center (MS-ISAC) 31 Tech Valley Drive East Greenbush, NY 12061 518-266-3493 24x7 Security Operations Center SOC@cisecurity.org - 1-866-787-4722 From: <cti-comment@lists.oasis-open.org> on behalf of "ozgur.yurekten@gmail.com" <ozgur.yurekten@gmail.com>
Hi,
I have been working on CTI standards and network security for my PhD dissertation. I have reviewed stix-v2.0-csprd01-part2-stix-objects.docx document. My comments are listed below:
In example of course_of_action (page 16), “created_by_ref” SDO is not referenced in example or in document. I can not reach the definition of SDO
[ { "type": "course-of-action", "id": "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f", "created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff", "created": "2016-04-06T20:03:48.000Z", "modified": "2016-04-06T20:03:48.000Z", "name": "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter", "description": "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ..." },
3-
Typo Errors
In example of course_of_action (page 16), for defining malware SDO property “relationship_type”
must be “name”.
Examples
[ { "type": "course-of-action", "id": "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f", "created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff", "created": "2016-04-06T20:03:48.000Z", "modified": "2016-04-06T20:03:48.000Z", "name": "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter", "description": "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ..." }, { "type": "relationship", "id": "relationship--44298a74-ba52-4f0c-87a3-1824e67d7fad", "created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff", "created": "2016-04-06T20:06:37.000Z", "modified": "2016-04-06T20:06:37.000Z", "source_ref": "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f", "target_ref": "malware--31b940d4-6f7f-459a-80ea-9c1f17b5891b", "relationship_type": "mitigates" }, { "type": "malware", "id": "malware--31b940d4-6f7f-459a-80ea-9c1f17b5891b", "created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff", "created": "2016-04-06T20:07:09.000Z", "modified": "2016-04-06T20:07:09.000Z", "relationship_type": "Poison Ivy" } ] "relationship_type": "Poison Ivy" -> "name": "Poison Ivy" Sent from
Mail for Windows 10
. . . |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]