Create a new Actor top-level construct to act as abstract basis for range of "actor" type constructs

STIXProject / schemas

STIX Schema Development

http://stixproject.github.io/

76 stars 21 forks source link

Create a new Actor top-level construct to act as abstract basis for range of "actor" type constructs #235

Open sbarnum opened 9 years ago

sbarnum commented 9 years ago

Consider creating a new Actor top-level construct to act as a basis for extension for Threat Actor but also enabling characterization of defender and third party actors.

This would allow for consistent specification of actor-type information regardless of whether the actor is a threat actor, defender, or third-party.

athiasjerome commented 9 years ago

Consider "Threat Agent" on top of Threat Actor: that could allow STIX extension, for future use in incident management (and disaster recovery), for example: natural incident

athiasjerome commented 8 years ago

Actor could be abstracted as Asset https://github.com/STIXProject/schemas/issues/234