cti-stix message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Two Minor 2.1 STIX Proposals
- From: "Jason Keirstead" <Jason.Keirstead@ca.ibm.com>
- To: cti-stix@lists.oasis-open.org
- Date: Fri, 28 Sep 2018 20:48:34 -0300
I would like to submit the following two
minor proposals for 2.1...
- The addition of a "software_ref"
property to the "Process" cyber observable object. This
would allow one to encode what piece of software a given process is for
(which you can then tie to CPE and do many things with)
- A defined relationship type of "vulnerable_to"
to be added from observed_data to vulnerability. This would
allow you to say that a given process, system, or software was vulnerable
to a certain vulnerability.
-
Jason Keirstead
Lead Architect - IBM.Security
www.ibm.com/security
"Things may come to those who wait, but only the things left by those
who hustle." - Unknown
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]