The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose files, issue tracking, and documentation.
Map sensors to the STIX Cyber Observable data types that the sensor COULD collect. Use the assessments workflow to allow support for identifying that the sensor DOES collect.
In cases like SYSMON, there is a large amount of data that SYSMON is capable of collecting. However, most deployments reduce those to reduce data collection. The Assessments workflow should recognize the delta between what is being collected in a particular environment, and what is possible.
Support hard coded data entry for now.
Consider adding the following sensor properties:
Unique Sensor Name
What is the sensor feeding (a name)
Coverage (Detail what the coverage name is, and how much this sensor is covering, types of systems it is covering)
Filtering description (if there is filtering, it should identify what is filtering. This is likely a text description for now)
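A sketch of the COULD/DOES delta described above, added here as an illustration and not taken from the Unfetter code base. The class and function names, the sensor records and the mapping of each sensor to STIX Cyber Observable types are all constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Sensor:
    name: str                 # unique sensor name
    feeds: str                # what the sensor is feeding (a name)
    coverage: str             # coverage name, extent, system types
    filtering: str            # free-text filtering description
    could_collect: frozenset  # STIX Cyber Observable types it COULD collect

def collection_gap(sensor, does_collect):
    """Types the sensor could collect but this environment does not."""
    does = frozenset(does_collect)
    unknown = does - sensor.could_collect
    if unknown:  # assessment claims a type outside the sensor's capability
        raise ValueError(f"{sensor.name} cannot collect {sorted(unknown)}")
    return sensor.could_collect - does

def environment_report(sensors, assessments):
    """Per-sensor gaps, plus types no sensor in the environment collects."""
    per_sensor = {s.name: sorted(collection_gap(s, assessments.get(s.name, ())))
                  for s in sensors}
    possible = frozenset().union(*(s.could_collect for s in sensors))
    collected = frozenset().union(*(assessments.get(s.name, ()) for s in sensors))
    return per_sensor, sorted(possible - collected)

# Constructed sample data (hard-coded entry, as the issue proposes for now).
SENSORS = [
    Sensor("sysmon-workstations", "central-siem", "Windows workstations, 80%",
           "registry, file and DNS events excluded",
           frozenset({"process", "file", "network-traffic",
                      "windows-registry-key", "domain-name"})),
    Sensor("edr-agent", "edr-console", "Windows servers, all",
           "process telemetry disabled",
           frozenset({"process", "file"})),
]
ASSESSMENTS = {
    "sysmon-workstations": {"process", "network-traffic"},
    "edr-agent": {"file"},
}

if __name__ == "__main__":
    gaps, uncovered = environment_report(SENSORS, ASSESSMENTS)
    for name, missing in gaps.items():
        print(f"{name}: could collect but does not: {missing}")
    print(f"not collected by any sensor: {uncovered}")
```

The environment-wide list ignores the coverage field, so a type collected on one class of systems only still counts as collected.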