OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-comment] Infrastructure Type Vocabulary (infrastructure-type-ov)

Thanks for pointing that out. The summary just did not get updated when additional entries were added. The TC will fix that in the next version. The actual listing of values is what is correct. The summary is meant to make it easier to see all of the values at a glance. But, like you said, some of the entries were left out of the summary. But that is an editorial mistake / oversight.  Please use the entries from the actual table. 

Bret


On Jan 30, 2022, at 7:01 AM, Zsolt Bederna <zsolt.bederna@cylair.eu> wrote:

Dear CTI TC,
 
I'm writing regarding STIX version 2.1. I have found that there is a difference between the Summary and the value enumeration in case of the Infrastructure Type Vocabulary (infrastructure-type-ov) on the webpage and docx version of the standardâs publication.
The Summary contains âamplification, anonymization, botnet, command-and-control, exfiltration, hosting-malware, hosting-target-lists, phishing, reconnaissance, staging, unknowâ; on the other hand, the value enumeration includes further elements as control-system, firewall, routers-switches, and workstation.
 
Could you please make it clear?
Kind regards,
Zsolt Bederna

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]