Improve Sensor Complexity

[infosec-alchemist]

Map sensors to the STIX Cyber Observable data types that the sensor COULD collect. Use the assessments workflow to allow support for identifying that the sensor DOES collect.

In cases like SYSMON, there is a large amount of data that SYSMON is capable of collecting. however, most deployments reduce those to reduce data collection. The Assessments workflow should recognize the delta between what is being collected in a particular environment, and what is possible.

Support hard coded data entry for now.

Consider adding the following sensor properties:

• Unique Sensor Name
• What is the sensor feeding (a name)
• Coverage (Detail what the coverage name is, and how much this sensor is covering, types of systems it is covering)
• Filtering description (if there is filtering, it should identify what is filtering. This is likely a text description for now)

[j987987]

Removing this from the milestone as it's not in the scope of the sprint.