[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: STIX 2.1 CS01 Corrections
Here are some corrections that I have for STIX 2.1 committee spec 01. 4.6 Indicator â The malware object in the example is missing the
is_family property. 4.15 Report â Replace âââ in the identity object in the example with
modified and created properties to have a complete & valid example. The reportâs
published property is an invalid date because it has 3 digits for the day:
"2016-01-201T17:00:00Z". The relationshipâs
target_ref property should have the id of the campaign in the example: campaign--83422c77-904c-4dc1-aff5-5c38f3a2c55c. 6.12 Network Traffic Object â The network traffic object example under Network Traffic with Netflow Data has an invalid
src_ref identifier. It is one digit short and should have a 7 added to the end to point to one of the ipv4-addr objects in the example. 6.13 Process Object â The process object in the Basic Process example has
created as a property instead of created_time. 7.2.1.3 Statement Marking Object Type â The statement marking definition example uses the id of TLP:GREEN. This should get a new id since the ids for the TLP marking definitions are reserved. On a side note, the Poison Ivy JSON example at
https://oasis-open.github.io/cti-documentation/stix/examples is missing
is_family from all of the malware objects.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]