Subset: Sdos
Classes from stix/schemas/sdos/*.json
URI: Sdos
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/attack
Classes in subset
| Class | Description |
|---|---|
| AttackPattern | Attack Patterns are a type of TTP that describe ways that adversaries attempt... |
| Campaign | A Campaign is a grouping of adversary behavior that describes a set of malici... |
| CourseOfAction | A Course of Action is an action taken either to prevent an attack or to respo... |
| Grouping | A Grouping object explicitly asserts that the referenced STIX Objects have a ... |
| Identity | Identities can represent actual individuals, organizations, or groups (e |
| Incident | The Incident object in STIX 2 |
| Indicator | Indicators contain a pattern that can be used to detect suspicious or malicio... |
| Infrastructure | Infrastructure objects describe systems, software services, and associated ph... |
| IntrusionSet | An Intrusion Set is a grouped set of adversary behavior and resources with co... |
| Location | A Location represents a geographic location |
| Malware | Malware is a type of TTP that is also known as malicious code and malicious s... |
| MalwareAnalysis | Malware Analysis captures the metadata and results of a particular analysis p... |
| Note | A Note is a comment or note containing informative text to help explain the c... |
| ObservedData | Observed data conveys information that was observed on systems and networks, ... |
| Opinion | An Opinion is an assessment of the correctness of the information in a STIX O... |
| Report | Reports are collections of threat intelligence focused on one or more topics,... |
| ThreatActor | Threat Actors are actual individuals, groups, or organizations believed to be... |
| Tool | Tools are legitimate software that can be used by threat actors to perform at... |
| Vulnerability | A Vulnerability is a mistake in software that can be directly used by a hacke... |