OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://github.com/oasis-open/cti-stix-common-objects
BSD 3-Clause "New" or "Revised" License
Add Ongoing Attacker Activity Outcome to Incident Core Extension #22
Added 'ongoing' to activity-outcome-enum to better capture data for ongoing incidents.
Removed outdated language from attacker_activity.pattern_ref.
Fixed error in JSON schema where kill_chain_phases were not included in attacker_activities.
Fixed error in the incident duplication example where one or two incidents in the example had not had the value updated to match the current enumeration.
Added examples of kill_chain_phases within attacker activities.