From 4232f0b7371e43501256743f29c9a3a87f317057 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas
Date: Fri, 19 Oct 2018 14:08:50 +0200
Subject: [PATCH] chg: further categorization of galaxies
---
 clusters/branded_vulnerability.json | 1 +
 clusters/cert-eu-govsector.json | 1 +
 clusters/mitre-attack-pattern.json | 1 +
 clusters/mitre-course-of-action.json | 1 +
 clusters/mitre-enterprise-attack-attack-pattern.json | 1 +
 clusters/mitre-enterprise-attack-course-of-action.json | 1 +
 clusters/mitre-mobile-attack-attack-pattern.json | 1 +
 clusters/mitre-mobile-attack-course-of-action.json | 1 +
 clusters/mitre-pre-attack-attack-pattern.json | 1 +
 clusters/preventive-measure.json | 1 +
 clusters/sector.json | 1 +
 schema_clusters.json | 3 ++-
 12 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/clusters/branded_vulnerability.json b/clusters/branded_vulnerability.json
index 72786cb..ab15a1f 100644
--- a/clusters/branded_vulnerability.json
+++ b/clusters/branded_vulnerability.json
@@ -2,6 +2,7 @@
 "authors": [
 "Unknown"
 ],
+ "category": "vulnerability",
 "description": "List of known vulnerabilities and attacks with a branding",
 "name": "Branded Vulnerability",
 "source": "Open Sources",
diff --git a/clusters/cert-eu-govsector.json b/clusters/cert-eu-govsector.json
index 9673709..1405c13 100644
--- a/clusters/cert-eu-govsector.json
+++ b/clusters/cert-eu-govsector.json
@@ -2,6 +2,7 @@
 "authors": [
 "Various"
 ],
+ "category": "sector",
 "description": "Cert EU GovSector",
 "name": "Cert EU GovSector",
 "source": "CERT-EU",
diff --git a/clusters/mitre-attack-pattern.json b/clusters/mitre-attack-pattern.json
index 00209ab..4b6dddf 100644
--- a/clusters/mitre-attack-pattern.json
+++ b/clusters/mitre-attack-pattern.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "attack-pattern",
 "description": "ATT&CK tactic",
 "name": "Attack Pattern",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/mitre-course-of-action.json b/clusters/mitre-course-of-action.json
index c8f9767..b3bcaf0 100644
--- a/clusters/mitre-course-of-action.json
+++ b/clusters/mitre-course-of-action.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "course-of-action",
 "description": "ATT&CK Mitigation",
 "name": "Course of Action",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/mitre-enterprise-attack-attack-pattern.json b/clusters/mitre-enterprise-attack-attack-pattern.json
index 8e79664..06907aa 100644
--- a/clusters/mitre-enterprise-attack-attack-pattern.json
+++ b/clusters/mitre-enterprise-attack-attack-pattern.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "attack-pattern",
 "description": "ATT&CK tactic",
 "name": "Enterprise Attack - Attack Pattern",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/mitre-enterprise-attack-course-of-action.json b/clusters/mitre-enterprise-attack-course-of-action.json
index 584f5d0..1057876 100644
--- a/clusters/mitre-enterprise-attack-course-of-action.json
+++ b/clusters/mitre-enterprise-attack-course-of-action.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "course-of-action",
 "description": "ATT&CK Mitigation",
 "name": "Enterprise Attack - Course of Action",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/mitre-mobile-attack-attack-pattern.json b/clusters/mitre-mobile-attack-attack-pattern.json
index 9f2b465..a7fbc97 100644
--- a/clusters/mitre-mobile-attack-attack-pattern.json
+++ b/clusters/mitre-mobile-attack-attack-pattern.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "attack-pattern",
 "description": "ATT&CK tactic",
 "name": "Mobile Attack - Attack Pattern",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/mitre-mobile-attack-course-of-action.json b/clusters/mitre-mobile-attack-course-of-action.json
index c0b32e7..acccfb5 100644
--- a/clusters/mitre-mobile-attack-course-of-action.json
+++ b/clusters/mitre-mobile-attack-course-of-action.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "course-of-action",
 "description": "ATT&CK Mitigation",
 "name": "Mobile Attack - Course of Action",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/mitre-pre-attack-attack-pattern.json b/clusters/mitre-pre-attack-attack-pattern.json
index db225d9..f293b24 100644
--- a/clusters/mitre-pre-attack-attack-pattern.json
+++ b/clusters/mitre-pre-attack-attack-pattern.json
@@ -2,6 +2,7 @@
 "authors": [
 "MITRE"
 ],
+ "category": "attack-pattern",
 "description": "ATT&CK tactic",
 "name": "Pre Attack - Attack Pattern",
 "source": "https://github.com/mitre/cti",
diff --git a/clusters/preventive-measure.json b/clusters/preventive-measure.json
index 4dd6ba1..4e6592b 100644
--- a/clusters/preventive-measure.json
+++ b/clusters/preventive-measure.json
@@ -2,6 +2,7 @@
 "authors": [
 "Various"
 ],
+ "category": "measure",
 "description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.",
 "name": "Preventive Measure",
 "source": "MISP Project",
diff --git a/clusters/sector.json b/clusters/sector.json
index daf48a3..fb1ae99 100644
--- a/clusters/sector.json
+++ b/clusters/sector.json
@@ -2,6 +2,7 @@
 "authors": [
 "Various"
 ],
+ "category": "sector",
 "description": "Activity sectors",
 "name": "Sector",
 "source": "CERT-EU",
diff --git a/schema_clusters.json b/schema_clusters.json
index 4cf095b..7f78501 100644
--- a/schema_clusters.json
+++ b/schema_clusters.json
@@ -157,6 +157,7 @@
 "uuid",
 "values",
 "authors",
- "source"
+ "source",
+ "category"
 ]
 }
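Review bot: Adding `category` to `required` in the schema_clusters.json hunk enforces only that the key exists; the diffstat shows three changed lines in the schema, so this commit adds no `properties` entry, and unless one already exists outside the hunk the value is unconstrained. Consider declaring `"category": { "type": "string" }` under `properties`, ideally with an `enum` of the accepted labels, so a typo or a non-string value fails validation rather than silently creating a new bucket that downstream filters miss. The labels set in the cluster hunks are `vulnerability`, `sector`, `attack-pattern`, `course-of-action` and `measure`; `measure` (preventive-measure.json) and `course-of-action` (the MITRE mitigation clusters) both describe defensive guidance, so a one-line `description` in the schema saying how they differ would help consumers that filter on this field. Any cluster file that does not yet carry a category will now fail validation; only eleven are updated here and the rest are not visible in this patch. The `required` array starts above the hunk.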