CTI STIX Subcommittee

 View Only

Vulnerability object added

  • 1.  Vulnerability object added

    Posted 07-14-2016 12:12




    All,
     
    As discussed on the call on Tuesday, it seemed like people were looking for a Vulnerability object so that they could say malware/actors/campaigns target particular vulnerabilities.
     
    Way back when we were first working on 2.0 we had a definition in there that I updated and moved over. Primarily, it would be used to capture external references to CVE and other vulnerability identifiers,
    as Jason had suggested. It also has a name and description in case there’s no CVE or other reference assigned yet or you want to duplicate them into the object directly. I also added the relationships it would conceivably need.
     
    Can you please review it to see if it captures what you need it to?
     
    Thanks,
    John