search

oasis-tcs / csaf

OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code
https://github.com/oasis-tcs/csaf
Other
142 stars 39 forks source link

Add IoC object #292

Open tschmidtb51 opened 3 years ago

tschmidtb51 commented 3 years ago

My understanding of this is that with regard to the ioc, we could either put it under the references list under the vulnerabilities property, or create a new ioc property under vulnerabilities. It may be nice to have a dedicated ioc property under the vulnerabilities property, but I don't think it's necessarily a thing we NEED to have. The summary attribute of the references property entries could indicate which ref is an ioc.

[...]

Originally posted by @wrideout in https://github.com/oasis-tcs/csaf/issues/186#issuecomment-879321541

sthagen commented 3 years ago

Just to help casual readers: IOC stands for Indicators Of Compromise