[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Looking for Example Shell
I have been trying to make sure I'm up to date on what a STIX 2.0 document will look like, and while there is a great deal of information about particular object types and common attributes I haven't had much luck finding an example of what the shell of a document will look like. Does anyone know if we have a generally agreed upon sample of this somewhere? So far I have heard two different visions of STIX 2.0 the first more aligns to STIX 1.X and roughly maps to a json format of: { Header: [], Observables: [], Indicators: [], ... Relationships: [] } The second moves to a node link model along the lines of: { Header: [], Objects: [], Relationships: [] } I think that the second model makes lookups simpler when resolving relationships while also making adding new object types easier, but also may introduce additional challenges when attempting to validate the JSON's schema. I haven't found confirmation on what has been generally agreed upon or if a consensus has been reached. Jeffrey Mates, Civ DC3/DCCI ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Computer Scientist Defense Cyber Crime Institute jeffrey.mates@dc3.mil 410-694-4335
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]