Ivan Kirillov
After reading the Wikipedia page on Secondary Storage more closely, I think it maps nearly exactly to ATT&CK's definition of "Drive", so I updated the mapping accordingly.
Added SoftwareTelemetryLog/EndpointSensorTelemetryLog for mapping to DS0013: Sensor Health. https://github.com/ikiril01/d3fend-ontology/commit/f39ee1137e3ae788421e97bec578334900c1b22d
Added Snapshot/VM Snapshot/Volume Snapshot. https://github.com/ikiril01/d3fend-ontology/commit/1f0edb21143542dda2e34b7e5a1c43eebca53188
Added User Profile for mapping to DS0021 (Persona). https://github.com/ikiril01/d3fend-ontology/commit/7daef98ff3611a08ee56f7a0c24f1758a7563d25
Added Discovery Network Traffic for mapping to DS0035 (Internet Scan). https://github.com/ikiril01/d3fend-ontology/commit/b667e34dcde5e3dbd939292482689221c3236d3d
Added Asset Metadata for mapping to DS0039 (Asset). https://github.com/ikiril01/d3fend-ontology/commit/119c840ebf48ec45c567af0ae87ca31bf50b0d5f
Added Historian/Process Databases for mapping to DS0040 (Operational Database). https://github.com/ikiril01/d3fend-ontology/commit/50a289360b298669b077c15be032e34a892326e5
Current mappings. New digital artifacts in bold, low confidence mappings in italics with question marks.

|ATT&CK DS ID|ATT&CK DS Name|Mapping Type|D3FEND DA Mapping|
|------------|--------------|------------|---------|
|DS0001|Firmware (ATTACK)|exactly|Firmware|
|DS0002|User Account (ATTACK)|exactly|UserAccount|
|DS0003|Scheduled...