Chris Lenk
Chris Lenk
The [IMDDOS Botnet Report](https://www.coresecurity.com/publication/imddos-botnet-discovery-and-analysis) example on the examples page links to a gist. We should move it into this repo and fix/update the content (It's a STIX 2.0 bundle, but...
To pass the [use case test in Section 3.13.1.10 of the TAXII 2.1 Interoperability Specification](https://docs.oasis-open.org/cti/taxii-2.1-interop/v1.0/csd01/taxii-2.1-interop-v1.0-csd01.html#_h684kvszq974).
Hi, I'm trying to better understand PAP markings and the only documentation I can find is in this repository and at https://www.vanimpe.eu/2020/12/28/how-to-support-defenders-with-the-permissible-actions-protocol/. Specifically I'm trying to understand the difference between...
Should fix broken RTD doc builds. Needed because of https://blog.readthedocs.com/migrate-configuration-v2/
Should fix broken RTD doc builds. Needed because of https://blog.readthedocs.com/migrate-configuration-v2/
The visualizer doesn't support multiple versions of the same object, because certain data structures map objects by their id. Only one version for each STIX id will be displayed.
```[file:name = 'foo' AND domain-name:value = 'example.com']``` passes validation but should not. All Comparison Expressions connected by `AND` must match against the same SCO, which by definition means they must...
It doesn't seem like a SEP is able to define the meanings of new values in open vocabularies, or labels for the already existing SDOs. This isn't a new STIX...
It looks like `domain-name` and `url` were left out of the list of Cyber Observables on page/slide 11 of [https://github.com/oasis-open/cti-training/blob/master/june-2018-training/oasis-stixtaxii2-datamodel-foundations-06-18.pdf](https://github.com/oasis-open/cti-training/blob/master/june-2018-training/oasis-stixtaxii2-datamodel-foundations-06-18.pdf). This also affects the count on slide 7.