[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Another STIX 2.1 Extension example
As part of the MITRE CTI repository (https://github.com/mitre/cti), we expressed all of the CAPEC attack patterns using STIX. I converted one of the attack patterns (CAPEC-66: SQL Injection) from using custom properties to using property-extensions.
As in other examples that people have posted â adding properties seems pretty straightforward. Maybe expressing a new object (SDO, SCO, SRO) using the new extension facility is an example someone could share
to make sure it doesnât have any gotchas. Using the schema from the Extension Definition object for validation might be something more interesting to explore. Rich -- Rich Piazza Lead Cyber Security Engineer The MITRE Corporation 781-271-3760 |
Attachment:
ap-66-extensions.json
Description: ap-66-extensions.json
Attachment:
ap-66-custom.json
Description: ap-66-custom.json
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]