Jonathan Rau
#### Related Issue: #986 #### Description of changes: - Adds `owner` to `device`, `endpoint`, and `network_endpoint`. - Adds a new `agent` object that defines various sensors and agent. - Adds...
#### Related Issue: #988 #### Description of changes: - Added `threat_intelligence` object. - Added `threat_intelligence` Profile based on `threat_intelligence` object. - Added `signatures` object, an array of `signature` objects. -...
**BLUF**: Add a new Profile for `threat_intelligence` that encompasses several existing, and some new, OCSF objects to provide conditional enrichment via cyber threat intelligence, open source intelligence, and/or analyst commentary....
## BLUF Add `owner` (`user`) to `device` and `network_endpoint` to match its presence within the `resource` object. Create a new `agent` object that captures various agent/sensor details. ## Details The...
Currently the scalar values represented in `observables.type_id` have several "ID" types and several "Name" types without their pair being added which may matter to a source system. Additionally, there are...
Currently, the `process` object in has a nested `parent_process` object typed as a Process. This creates two issues 1. Modeling "grandparent" processes is a bit unclear and leads to additional...
#### Related Issue: N/A #### Description of changes: As discussed in an OCSF meeting on 3 SEPT 2024 - there was a desire to bring IoT and drone/UAS related normalization...