OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Another STIX 2.1 Extension example


As part of the MITRE CTI repository (https://github.com/mitre/cti), we expressed all of the CAPEC attack patterns using STIX.

 

I converted one of the attack patterns (CAPEC-66: SQL Injection) from using custom properties to using property-extensions. 

 

As in other examples that people have posted â adding properties seems pretty straightforward.  Maybe expressing a new object (SDO, SCO, SRO) using the new extension facility is an example someone could share to make sure it doesnât have any gotchas.

 

Using the schema from the Extension Definition object for validation might be something more interesting to explore.

 

                Rich

 

-- 

Rich Piazza

Lead Cyber Security Engineer

The MITRE Corporation

781-271-3760

 

signature_1608542657

 

 

 

Attachment: ap-66-extensions.json
Description: ap-66-extensions.json

Attachment: ap-66-custom.json
Description: ap-66-custom.json



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]