[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] Small changes from 2.0 - 2.1 - add relationship from indicator to vulnerability
From my comment [1]: Can someone give a practical example of a vulnerability and an indicator for that vulnerability (actual STIX JSON)? It would be beneficial to have this in the spec (or an associated implementation guidance document), and would help me understand to make
sure we aren't introducing multiple ways of doing something. I recognize that sometimes "shortcut" relationships are necessary, rather than the more pedantic but accurate ones, but want to make sure we take that into account (my standard example from STIX 1/CybOX 2 is that malware doesn't really connect to a Domain name, but you connect to whatever IP address that domain happens to resolve to). Greg [1] https://github.com/oasis-tcs/cti-stix2/issues/15#issuecomment-326067773 On 2017-08-30, 19:36 UTC, "cti-stix@lists.oasis-open.org on behalf of Terry MacDonald" <cti-stix@lists.oasis-open.org on behalf of
terry.macdonald@cosive.com> wrote: Makes a lot of sense. I vote to make the change. On 31/08/2017 05:01, "Allan Thomson" <athomson@lookingglasscyber.com> wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]