johnwunder
commented
9 years ago See #136 for particular examples.
Open johnwunder opened 10 years ago
johnwunder
commented
9 years ago See #136 for particular examples.
jgommers
commented
9 years ago I would propose (and interested in hearing people opinion's) on deepening what it means to write threat intelligence reports in the context of package intent. e.g. descriptive/explanatory vs predictive possibly implying different usage. Or intelligence summaries vs longer form reports vs studies, etc.
johnwunder
commented
9 years ago With the addition of Report in 1.2 this now applies to ReportIntent instead of PackageIntent. But the question stands. I'm going to update the description to clarify that.
The ReportIntent vocabulary was developed very early in the STIX evolution and has not been revised since. We should work with the community to ensure necessary values are added and existing values make sense.