Merge pull request #104 from Delta-Sierra/master

add ttp-categories descriptions
This commit is contained in:
Alexandre Dulaunoy 2017-10-27 10:52:31 +02:00 committed by GitHub
commit 5a738fd44c

View file

@ -1,37 +1,47 @@
{
"values": [
{
"description": "Cover vulnerabilities exploit (0day, 1day, nday), exploit kit",
"value": "Exploits"
},
{
"description": "Deep-Dark Web forum, marketplace, hosting, etc",
"value": "Infrastructure"
},
{
"description": "Malware family",
"value": "Malware"
},
{
"description": "Legitimate SW or HW repurposed for malicious use",
"value": "Tools"
},
{
"description": "Does not belong to any of the other category",
"value": "Other"
},
{
"description": "Undetermined category",
"value": "Unknown"
},
{
"description": "Specific attack patterns (specific to a technology, to an author, not widely used, etc)",
"value": "Attack Patterns (S)"
},
{
"description": "Generic attack pattern, mehod, technique",
"value": "Attack Patterns (G)"
},
{
"description": "Non-technical description of threat actor activities (information war, destruction, hybrid, etc)",
"value": "Tactic"
},
{
"description": "Asset being targeted (MacOS, Android, ICS, IoT, Cryptocurrency, ect)",
"value": "Targeting"
}
],
"version" : 1,
"version" : 2,
"description": "ttp category vocab as defined by Cert EU.",
"source": "Cert EU",
"author": ["Cert EU"],