Brilliant! Love it.
Thanks,
Bret Bret Jordan CISSPDirector of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
Given the recent discussions on CybOX Object selection, I thought it would be useful to start a new thread on the 3.x point release roadmap.
Based on the current green-field approach, as well an understanding of what we’re missing, here’s a straw man to get us started:
- CybOX 3.1: Networking (+ the possibility of new Objects/Extensions)
- Network Packet
- Network Flow
- Additional Layer 7 Objects (?)
- CybOX 3.2: Unix/Windows Host Artifacts (+ the possibility of new Objects/Extensions)
- Linux Package (file extension)
- Unix Process (process extension)
- Windows Task
- Windows Prefetch
- CybOX 3.3: Mobile Devices/Artifacts (+ the possibility of new Objects/Extensions)
- Android (system extension)
- Android APK (file extension)
- Apple iOS (system extension)
- Mobile device (device extension)
- Mobile phone device (device extension)
- CybOX 3.4: Digital Forensics Artifacts (+ the possibility of new Objects/Extensions)
- EXIF (file extension)
- Disk
- Disk Partition
- Disk Sector
- CybOX 3.5: Accounts (+ the possibility of new Objects/Extensions)
- User Account
- Computer Account
- OS-specific Accounts
- CybOX 3.6: SCADA (+ the possibility of new Objects/Extensions)
Regards,
Ivan
|