[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-users] Need Examples of stix components
So I don't have such an all in STIX document handy, but it seems like a really good idea to make one. This also goes to another need which is the 'usage' convention side of what does well crafted STIX actually look like for a sample. I would suggest this is a worthwhile effort for the group and we should include it with the documentation set.
I am hoping that the folks at MITRE already have such an all encompassing sample document.
-Mark
Mark Clancy
Chief Executive Officer
SOLTRA
|
An FS-ISAC and DTCC Company
+1.813.470.2400
office
|
+1.610.659.6671 US mobile
| +44 7823 626 535 UK mobile
mclancy@soltra.com
| soltra.com
One organization's incident becomes everyone's defense.
From: cti-users@lists.oasis-open.org <cti-users@lists.oasis-open.org> on behalf of sri devi <sreedevi.sw@gmail.com>
Sent: Wednesday, October 7, 2015 4:10 AM To: cti-users@lists.oasis-open.org Subject: [cti-users] Need Examples of stix components Hi, Indicator:
---------- Attributes: ---------- Composite_indicator_Expression Kill_Chain_Phases Handling Related_Indicators Related_compaigns Related_pckages Need clarity of above attributes of Indicator with Examples. Incident -------- Attributes ---------- Investigation Exercise/Network Defence testing ordinality Structuring_format Attributed_Thread_Actors Intended_Effect Related_incidents Need clarity of above attributes of Incident with Examples. Observable ----------- Attributes ----------- Keywords Observable_Composition Pattern_Fidelity Need clarity of above attributes of Observable with Examples. TTP ---- Attributes ----------- Handling Kill_Chains Kill_Chain_Phases Exploit_Targets Need clarity of above attributes of TTP with Examples. Exploit_Targets ---------------- Attributes ----------- Handling Related_exploit_target Configuration Potential_COAs Need clarity of above attributes of Exploit_Targets with Examples. Course_Of_Action ---------------- Attributes ---------- Related_COAs Efficacy Need clarity of above attributes of Course_Of_Action with Examples. Campaign --------- Attributes ----------- Intended_Effect Related_Indicators Related_incidents Attribution Associated_Campaign Handling Need clarity of above attributes of Campaign with Examples. Threat_Actor ------------- attributes ---------- Identity Motivation Sophistication Planning_And_Operational_support Handling Need clarity of above attributes of Threat_Actor with Examples. -- thank you....
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]