Consider adding "routine internal maintenance" to discovery methods

vz-risk / veris

Vocabulary for Event Recording and Incident Sharing (VERIS)

http://verisframework.org

Other

570 stars 161 forks source link

Consider adding "routine internal maintenance" to discovery methods #71

Closed whbaker closed 7 years ago

whbaker commented 10 years ago

Example is a skimmer discovered by routine checkup of ATM. Applies to systems/apps as well.

krmaxwell commented 10 years ago

I keep thinking about this but not sure how to distinguish it properly from some of the other internal methods (reported by employee, "log" review, etc.)

On Thu, May 8, 2014 at 3:08 PM, whbaker notifications@github.com wrote:

Example is a skimmer discovered by routine checkup of ATM.

— Reply to this email directly or view it on GitHubhttps://github.com/vz-risk/veris/issues/71 .

@kylemaxwell

blackfist commented 10 years ago

In the skimmer example I would call that Int - reported by employee. If we also had a routine checkup option then I would be conflicted about which one to select.

gdbassett commented 8 years ago

May be replacing something vague with something else vague. If we define them better, we might find we could use it. For now though, we don't know we'd have enough records so we'll defer it.

gdbassett commented 7 years ago

Change "IT review" definition to be "Any routine maintenance, testing or review of it assets. (Includes inspect of assets, vulnerability scans, etc.)" rather than adding a new enumeration.

gdbassett commented 7 years ago

Updated in [v1_3_2 3f4076c]