certtools / intelmq

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
https://docs.intelmq.org/latest/
GNU Affero General Public License v3.0
976 stars 296 forks source link

classification.type: "unwanted software" #520

Closed robcza closed 8 years ago

robcza commented 8 years ago

I'd like to extend list of types for taxonomy "Malicious Code" and add the type "unwanted software". I'm not able to use any of existing types to describe this type. Do you agree with such a change?

aaronkaplan commented 8 years ago

On Sun, May 15, 2016 at 01:44:12PM -0700, Robert Šefr wrote:

I'd like to extend list of types for taxonomy "Malicious Code" and add the type "unwanted software". I'm not able to use any of existing types to describe this type. Do you agree with such a change?

While I agree with the need for such a category, it will overlap with "Malicious Code".

I'd rather see this change "upstream" in the eCSIRT II Taxonomy (https://www.enisa.europa.eu/topics/csirt-cert-services/community-projects/existing-taxonomies)

I suggest we talk with Cosmin (@cokebottle ) on this .

My 2 cents, a.

SYNchroACK commented 8 years ago

subscribe the Aaron words.

On Mon, May 16, 2016 at 3:15 AM, AaronK notifications@github.com wrote:

On Sun, May 15, 2016 at 01:44:12PM -0700, Robert Šefr wrote:

I'd like to extend list of types for taxonomy "Malicious Code" and add the type "unwanted software". I'm not able to use any of existing types to describe this type. Do you agree with such a change?

While I agree with the need for such a category, it will overlap with "Malicious Code".

I'd rather see this change "upstream" in the eCSIRT II Taxonomy ( https://www.enisa.europa.eu/topics/csirt-cert-services/community-projects/existing-taxonomies )

I suggest we talk with Cosmin (@cokebottle ) on this .

My 2 cents, a.

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/certtools/intelmq/issues/520#issuecomment-219335023

Tomás Lima* , * »-«* SYNchroACK *»-«

aaronkaplan commented 8 years ago

@robcza can we solve this "upstream" with ENISA/ the taxonomy standardisation group? If yes, I'll close this issue here and we will then update the intelmq taxonomy once, our upstream eCSIRT II taxonomy gets updated. okay with you?

robcza commented 8 years ago

Yes, I agree. Should keep it compliant.