OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Proposed normative text available for flattening lists in Package - (Goal: Reach official consensus by Monday)

Flattening of lists within Package is one of the issues that we seem to have general consensus on but have not yet agreed to normative text.

Proposed normative text is now available for your review in the STIX 2.0 Specification Pre-draft document.
It is fairly straightforward and should not take long to consider.
Please review the normative text and add comments to the document for any concerns, questions or ideas you may have.
If we do not see any significant concerns/objections to the normative text by Monday we will consider this issues to have officially achieved consensus and move on to others.

For the quick convenience of anyone having difficulty accessing the live specification pre-draft document the relevant text is included below.



STIX Package Object (package)


Property Name

Type

Description

type (required)

string

Indicates that this object is a STIX Package. The value of this field MUST be package

id (required)

id

From CTI-Common Core

campaigns (optional)

array of type  campaign

Specifies a set of one or more Campaigns.

course_of_actions (optional)

array of type  course-of-action

Specifies a set of one or more Courses of Action that could be taken in regard to one of more cyber threats.

exploit_targets (optional)

array of type exploit-target

Specifies a set of zero or more potential targets for exploitation.

identities (optional)

array of type  identity

Specifies a set of one or more identities of individuals or organizations.

incidents (optional)

array of type  incident

Specifies a set of one or more cyber threat Incidents.

indicators (optional)

array of type indicator

Specifies a set of one or more cyber threat Indicators.

observations (optional)

array of type  observation

Specifies a set of one or more cyber observations.

references (optional)

array of type reference

Specifies a set of one or more references to a non-STIX object

relationships (optional)

array of type  relationship

Specifies a set of one or more relationships between top-level objects (TLOs).

reports (optional)

array of type report

Specifies a set of one or more reports.

sightings (optional)

array of type sighting

Specifies a set of one or more sightings.

threat_actors (optional)

array of type threat-actor

Specifies a set of one or more Threat Actors.

tools (optional)

array of type tool

Specifies a set of one or more tools that an adversary or analyst may leverage.

ttps (optional)

array of type ttp

Specifies a set of one or more cyber threat adversary Tactics, Techniques or Procedures (TTPs)

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]