OASIS Cyber Threat Intelligence (CTI) TC

Re: [cti] cti-stix-elevator 4.0.0 is released (CORRECTION)

  • 1.  Re: [cti] cti-stix-elevator 4.0.0 is released (CORRECTION)

    Posted 05-03-2021 22:25





    The elevator and stepper are compliant with STIX 2.1 CS02

    From: <cti@lists.oasis-open.org> on behalf of Rich Piazza <rpiazza@mitre.org>
    Date: Sunday, May 2, 2021 at 5:58 PM
    To: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
    Subject: [cti] cti-stix-elevator 4.0.0 is released


     

    Hi everyone-

                            

    We just published cti-stix-elevator version 4.0.0 on PyPi [1]. The source code is available at [2]. read-the-docs documentation is available at [3].

    The elevator and stepper are compliant with STIX 2.1 CS01
    Python 3.5 is no longer supported.
    All compatibility code to support Python 2.7 has been removed (e.g., the six package)
    Major Changes


    Support Extension feature described in section 7.3 of the specification
    Support Incident as a specification SDO
    Use handle_missing_properties method to encapsulate most extension/custom functionality
    Handle related objects with no know STIX 2.1 relationship
    Other Changes


    Handle ArchiveFile different for 2.0 vs 2.1
    email_message:message_id is only in 2.1
    Infer network-traffic protocol from extension type
    Handle registry key in example where there is no hive property
    Better handling of Sightings
    Add object data marking to Relationships when appropriate based on the source and target references
    Handle name and title properties of malware better
    Testing changes


    Added testing for python 3.9
    Test for the ignore missing policy for STIX 2.1
    Please enter an issue on GitHub for bugs and feature requests.

     

    Contributions welcome.

      

    Rich Piazza

    Chris Lenk

     

    MITRE

     

    [1]  https://pypi.org/project/stix2-elevator

    [2]  https://github.com/oasis-open/cti-stix-elevator

    [3]   https://stix2-elevator.readthedocs.io/en/latest/