[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Kinds of Sources
There are many different concepts of “sources” that we seem to be talking about: ·
The creator of the STIX/CybOX object
o
An individual/organization (created manually via something like Soltra Edge), probably represented by an Identity object
o
Software, that creates STIX/CybOX objects automatically – no manual input ·
A similar object from outside the STIX model (used to be
external_ID in STIX 1.2) – NOT a CTI ID ·
A reference, like in a bibliography, which might be accessible via a URL – NOT a CTI object ·
An association to another type of STIX object – like CVE (assuming we represent Vulnerability as a STIX TLO) Did I miss anything? The original object could be the source of a translated object, but that seem better handled separately (as discussed in the recent I18N email threat). |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]