OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-users] Cybox modelling for Company/ Organisation details

Conrad,

Welcome!
What you are looking for would be "covered" in STIX standard
Information/Data Model as "Identity" in current Draft version.
Identity covers "Organization or Person".


Meantime, it has been suggested to investigate use of a higher
(abstracted) approach for representing (and linking/creating
relationship with) "Assets" (as for example, illustrated in Asset
Identification (AI) https://scap.nist.gov/specifications/ai/ )

If using version 1.X (i.e. v1.2), this is covered by the use of OASIS
CIQ. (NB: OASIS CIQ is also what is used in AI. NB2: "Organization" is
called "Organisation" in it)

I hope it helps


On Wed, Jul 20, 2016 at 2:00 PM, Conrad Crampton
<conrad.crampton@secdata.com> wrote:
> Hi,
>
> I’m very new to Cybox and attempting to model data received via log files
> for web proxies, firewalls etc, and so far managing to plough through this.
> However, I would like to model the company for which the request relates
> i.e. the HTTP_Session object initated by a User_Account who is employed by a
> Company. It is this latter entity I can’t seem to find an appropriate object
> for in Cybox. Can anyone suggest how to accomplish this? I have thought
> about using Exploit_Target (from Stix) but at the time of the observation
> they aren’t necessarily an Exploit_Target – unless we take the broader
> meaning of a target being anyone is a potential target.
>
>
>
> Many thanks
>
> Conrad
>
>
>
> SecureData, combating cyber threats
>
> ________________________________
>
> The information contained in this message or any of its attachments may be
> privileged and confidential and intended for the exclusive use of the
> intended recipient. If you are not the intended recipient any disclosure,
> reproduction, distribution or other dissemination or use of this
> communications is strictly prohibited. The views expressed in this email are
> those of the individual and not necessarily of SecureData Europe Ltd. Any
> prices quoted are only valid if followed up by a formal written quote.
>
> SecureData Europe Limited. Registered in England & Wales 04365896.
> Registered Address: SecureData House, Hermitage Court, Hermitage Lane,
> Maidstone, Kent, ME16 9NT

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]