All,
As we discussed on the call last week, Trey and I have been thinking over some possibilities as far as new additions for Cyber Observables in 2.1. Here’s the list that we’ve put together – note that this is meant to be a strawman so that we can start having the discussion about what you (the community) want to see in 2.1 as far as Cyber Observables:

Entity Type: New Objects
  Device
    - Mobile Device Ext.
    - Mobile Phone Ext.
    - Virtualization Ext.
  Operating System
  WHOIS
  SMS
    - MMS Ext.
  Network Share

Entity Type: New Object Extensions
  Android APK (File Object Ext.)
  Apple iOS (File Object Ext.)
  EXT 3/4 (File Object Ext.)
  Document Metadata (File Object Ext.)
  HTTP Response (Network Traffic Ext.)

Entity Type: Other Entities
  Actions

If you have any thoughts on things you want to see in 2.1 for Cyber Observables, please bring them up – we’re very open to any suggestions and ideas.
Happy Holidays!
Ivan and Trey