From efc1cf51fd3b61ee201e14c1970ad25d9df57b29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Guillaume=20Er=C3=A9t=C3=A9o?= Date: Wed, 13 Nov 2024 13:29:12 +0100 Subject: [PATCH] add new status closed merged (#452) --- doc/json/actor.json | 2 +- doc/json/asset.json | 2 +- doc/json/asset_mapping.json | 2 +- doc/json/asset_properties.json | 2 +- doc/json/attack_pattern.json | 2 +- doc/json/bundle.json | 44 ++++++++++++++-------------- doc/json/campaign.json | 2 +- doc/json/casebook.json | 46 +++++++++++++++--------------- doc/json/coa.json | 2 +- doc/json/feedback.json | 2 +- doc/json/incident.json | 2 +- doc/json/indicator.json | 2 +- doc/json/judgement.json | 2 +- doc/json/malware.json | 2 +- doc/json/note.json | 2 +- doc/json/relationship.json | 2 +- doc/json/sighting.json | 2 +- doc/json/target_record.json | 2 +- doc/json/tool.json | 2 +- doc/json/vulnerability.json | 2 +- doc/json/weakness.json | 2 +- doc/structures/bundle.md | 1 + doc/structures/casebook.md | 1 + doc/structures/incident.md | 1 + src/ctim/schemas/vocabularies.cljc | 1 + 25 files changed, 68 insertions(+), 64 deletions(-) diff --git a/doc/json/actor.json b/doc/json/actor.json index 5f826743..510915ff 100644 --- a/doc/json/actor.json +++ b/doc/json/actor.json @@ -26,7 +26,7 @@ "motivation" : "Ego", "planning_and_operational_support" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "sophistication" : "Aspirant", "source" : "string", diff --git a/doc/json/asset.json b/doc/json/asset.json index b7a446e6..ea718b68 100644 --- a/doc/json/asset.json +++ b/doc/json/asset.json @@ -12,7 +12,7 @@ "id" : "string", "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/asset_mapping.json b/doc/json/asset_mapping.json index 89df3b32..e24768b0 100644 --- a/doc/json/asset_mapping.json +++ b/doc/json/asset_mapping.json @@ -17,7 +17,7 @@ "value" : "1.2.3.4" }, "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "specificity" : "Low", diff --git a/doc/json/asset_properties.json b/doc/json/asset_properties.json index 454e58c6..b7181e57 100644 --- a/doc/json/asset_properties.json +++ b/doc/json/asset_properties.json @@ -15,7 +15,7 @@ "value" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", diff --git a/doc/json/attack_pattern.json b/doc/json/attack_pattern.json index c5e636b9..365e99ae 100644 --- a/doc/json/attack_pattern.json +++ b/doc/json/attack_pattern.json @@ -16,7 +16,7 @@ } ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/bundle.json b/doc/json/bundle.json index f4107674..367bfdd6 100644 --- a/doc/json/bundle.json +++ b/doc/json/bundle.json @@ -28,7 +28,7 @@ "motivation" : "Ego", "planning_and_operational_support" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "sophistication" : "Aspirant", "source" : "string", @@ -62,7 +62,7 @@ "value" : "1.2.3.4" }, "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "specificity" : "Low", @@ -92,7 +92,7 @@ "value" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -119,7 +119,7 @@ "id" : "string", "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -151,7 +151,7 @@ } ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -185,7 +185,7 @@ "language" : "string", "names" : [ "string" ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -259,7 +259,7 @@ "source" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -297,7 +297,7 @@ "revision" : 10, "row_count" : 10, "rows" : [ [ "anything" ] ], - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -335,7 +335,7 @@ "language" : "string", "reason" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -366,7 +366,7 @@ }, "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -408,7 +408,7 @@ }, "promotion_method" : "Automated", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "scores" : { "asset" : 10.0 }, @@ -451,7 +451,7 @@ "negate" : true, "producer" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "severity" : "Critical", "short_description" : "string", "source" : "string", @@ -500,7 +500,7 @@ "reason" : "string", "reason_uri" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "severity" : "Critical", "source" : "string", "source_uri" : "string", @@ -533,7 +533,7 @@ "labels" : [ "adware" ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -563,7 +563,7 @@ "entity_type" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -585,7 +585,7 @@ "language" : "string", "relationship_type" : "attributed-to", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_ref" : "string", @@ -597,7 +597,7 @@ "type" : "relationship" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "sighting_refs" : [ "string" ], "sightings" : [ { @@ -865,7 +865,7 @@ } ], "resolution" : "detected", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "sensor" : "endpoint", "sensor_coordinates" : { "observables" : [ { @@ -912,7 +912,7 @@ "id" : "string", "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -958,7 +958,7 @@ "labels" : [ "credential-exploitation" ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -1099,7 +1099,7 @@ "last_modified_date" : "2016-01-01T01:01:01.000Z", "published_date" : "2016-01-01T01:01:01.000Z", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -1180,7 +1180,7 @@ "strategy" : "Attack Surface Reduction" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/campaign.json b/doc/json/campaign.json index f20f2b03..7a55bf44 100644 --- a/doc/json/campaign.json +++ b/doc/json/campaign.json @@ -19,7 +19,7 @@ "language" : "string", "names" : [ "string" ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/casebook.json b/doc/json/casebook.json index 87762b44..633424dc 100644 --- a/doc/json/casebook.json +++ b/doc/json/casebook.json @@ -29,7 +29,7 @@ "motivation" : "Ego", "planning_and_operational_support" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "sophistication" : "Aspirant", "source" : "string", @@ -63,7 +63,7 @@ "value" : "1.2.3.4" }, "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "specificity" : "Low", @@ -93,7 +93,7 @@ "value" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -120,7 +120,7 @@ "id" : "string", "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -152,7 +152,7 @@ } ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -186,7 +186,7 @@ "language" : "string", "names" : [ "string" ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -260,7 +260,7 @@ "source" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -298,7 +298,7 @@ "revision" : 10, "row_count" : 10, "rows" : [ [ "anything" ] ], - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -336,7 +336,7 @@ "language" : "string", "reason" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -367,7 +367,7 @@ }, "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -409,7 +409,7 @@ }, "promotion_method" : "Automated", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "scores" : { "asset" : 10.0 }, @@ -452,7 +452,7 @@ "negate" : true, "producer" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "severity" : "Critical", "short_description" : "string", "source" : "string", @@ -501,7 +501,7 @@ "reason" : "string", "reason_uri" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "severity" : "Critical", "source" : "string", "source_uri" : "string", @@ -534,7 +534,7 @@ "labels" : [ "adware" ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -564,7 +564,7 @@ "entity_type" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", @@ -586,7 +586,7 @@ "language" : "string", "relationship_type" : "attributed-to", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_ref" : "string", @@ -598,7 +598,7 @@ "type" : "relationship" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "sighting_refs" : [ "string" ], "sightings" : [ { @@ -866,7 +866,7 @@ } ], "resolution" : "detected", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "sensor" : "endpoint", "sensor_coordinates" : { "observables" : [ { @@ -913,7 +913,7 @@ "id" : "string", "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -959,7 +959,7 @@ "labels" : [ "credential-exploitation" ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -1100,7 +1100,7 @@ "last_modified_date" : "2016-01-01T01:01:01.000Z", "published_date" : "2016-01-01T01:01:01.000Z", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -1181,7 +1181,7 @@ "strategy" : "Attack Surface Reduction" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", @@ -1212,7 +1212,7 @@ "value" : "1.2.3.4" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/coa.json b/doc/json/coa.json index b4586beb..2459fca6 100644 --- a/doc/json/coa.json +++ b/doc/json/coa.json @@ -57,7 +57,7 @@ "source" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/feedback.json b/doc/json/feedback.json index 235b84d9..a314e343 100644 --- a/doc/json/feedback.json +++ b/doc/json/feedback.json @@ -13,7 +13,7 @@ "language" : "string", "reason" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", diff --git a/doc/json/incident.json b/doc/json/incident.json index 0cfb1c6d..639a323a 100644 --- a/doc/json/incident.json +++ b/doc/json/incident.json @@ -28,7 +28,7 @@ }, "promotion_method" : "Automated", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "scores" : { "asset" : 10.0 }, diff --git a/doc/json/indicator.json b/doc/json/indicator.json index c1c9d913..5aca3081 100644 --- a/doc/json/indicator.json +++ b/doc/json/indicator.json @@ -24,7 +24,7 @@ "negate" : true, "producer" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "severity" : "Critical", "short_description" : "string", "source" : "string", diff --git a/doc/json/judgement.json b/doc/json/judgement.json index 565264b3..922fbabc 100644 --- a/doc/json/judgement.json +++ b/doc/json/judgement.json @@ -20,7 +20,7 @@ "reason" : "string", "reason_uri" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "severity" : "Critical", "source" : "string", "source_uri" : "string", diff --git a/doc/json/malware.json b/doc/json/malware.json index 3ff22d0d..3f25549a 100644 --- a/doc/json/malware.json +++ b/doc/json/malware.json @@ -17,7 +17,7 @@ "labels" : [ "adware" ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/note.json b/doc/json/note.json index 5b5993a0..852465e7 100644 --- a/doc/json/note.json +++ b/doc/json/note.json @@ -17,7 +17,7 @@ "entity_type" : "string" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "source" : "string", "source_uri" : "string", "timestamp" : "2016-01-01T01:01:01.000Z", diff --git a/doc/json/relationship.json b/doc/json/relationship.json index 9ab68aac..872ea7f8 100644 --- a/doc/json/relationship.json +++ b/doc/json/relationship.json @@ -12,7 +12,7 @@ "language" : "string", "relationship_type" : "attributed-to", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_ref" : "string", diff --git a/doc/json/sighting.json b/doc/json/sighting.json index a1b4d836..9f5eddf0 100644 --- a/doc/json/sighting.json +++ b/doc/json/sighting.json @@ -263,7 +263,7 @@ } ], "resolution" : "detected", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "sensor" : "endpoint", "sensor_coordinates" : { "observables" : [ { diff --git a/doc/json/target_record.json b/doc/json/target_record.json index 79322889..c587e601 100644 --- a/doc/json/target_record.json +++ b/doc/json/target_record.json @@ -11,7 +11,7 @@ "id" : "string", "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/tool.json b/doc/json/tool.json index 01ea10c0..7d2aeb88 100644 --- a/doc/json/tool.json +++ b/doc/json/tool.json @@ -16,7 +16,7 @@ "labels" : [ "credential-exploitation" ], "language" : "string", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/vulnerability.json b/doc/json/vulnerability.json index bf0a3d88..53a8bfa6 100644 --- a/doc/json/vulnerability.json +++ b/doc/json/vulnerability.json @@ -108,7 +108,7 @@ "last_modified_date" : "2016-01-01T01:01:01.000Z", "published_date" : "2016-01-01T01:01:01.000Z", "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/json/weakness.json b/doc/json/weakness.json index a67deaae..123f7199 100644 --- a/doc/json/weakness.json +++ b/doc/json/weakness.json @@ -68,7 +68,7 @@ "strategy" : "Attack Surface Reduction" } ], "revision" : 10, - "schema_version" : "1.3.19", + "schema_version" : "1.3.20", "short_description" : "string", "source" : "string", "source_uri" : "string", diff --git a/doc/structures/bundle.md b/doc/structures/bundle.md index 427ae4af..e85afae9 100644 --- a/doc/structures/bundle.md +++ b/doc/structures/bundle.md @@ -4784,6 +4784,7 @@ The `status` field represents the current state of an incident within the incide * Closed * Closed: Confirmed Threat * Closed: False Positive + * Closed: Merged * Closed: Near-Miss * Closed: Other * Closed: Suspected diff --git a/doc/structures/casebook.md b/doc/structures/casebook.md index 50e8302e..ee295ccf 100644 --- a/doc/structures/casebook.md +++ b/doc/structures/casebook.md @@ -11548,6 +11548,7 @@ The `status` field represents the current state of an incident within the incide * Closed * Closed: Confirmed Threat * Closed: False Positive + * Closed: Merged * Closed: Near-Miss * Closed: Other * Closed: Suspected diff --git a/doc/structures/incident.md b/doc/structures/incident.md index a0f4a2af..0d1dde3a 100644 --- a/doc/structures/incident.md +++ b/doc/structures/incident.md @@ -359,6 +359,7 @@ The `status` field represents the current state of an incident within the incide * Closed * Closed: Confirmed Threat * Closed: False Positive + * Closed: Merged * Closed: Near-Miss * Closed: Other * Closed: Suspected diff --git a/src/ctim/schemas/vocabularies.cljc b/src/ctim/schemas/vocabularies.cljc index 272aab52..97a1f11f 100644 --- a/src/ctim/schemas/vocabularies.cljc +++ b/src/ctim/schemas/vocabularies.cljc @@ -378,6 +378,7 @@ "Closed: Suspected" "Closed: False Positive" "Closed: Near-Miss" + "Closed: Merged" "Closed: Other" "New" "Open"