Skip to content

Slot: description

Human-readable description.

URI: stix:description Alias: description

Applicable Classes

Name Description Modifies Slot
X509V3ExtensionsType Specifies any standard X no
MacAddr The MAC Address Object represents a single Media Access Control (MAC) address no
Directory The Directory Object represents the properties common to a file system direct... no
HashesType The Hashes type represents one or more cryptographic hashes, as a special set... no
X509Certificate The X509 Certificate Object represents the properties of an X no
HttpRequestExt The HTTP Request extension specifies a default extension for capturing networ... no
KillChainPhase The kill-chain-phase represents a phase in a kill chain no
PEBinaryExt The Windows PE Binary File extension specifies a default extension for captur... no
Timestamp Represents timestamps across the CTI specifications no
MimePartType Specifies a component of a multi-part email body as defined in the email-mess... no
IcmpExt The ICMP extension specifies a default extension for capturing network traffi... no
CourseOfAction A Course of Action is an action taken either to prevent an attack or to respo... no
Extension Converted from common/extension no
MalwareAnalysis Malware Analysis captures the metadata and results of a particular analysis p... no
EmailAddr The Email Address Object represents a single email address no
Ipv6Addr The IPv6 Address Object represents one or more IPv6 addresses expressed using... no
Tool Tools are legitimate software that can be used by threat actors to perform at... no
Software The Software Object represents high-level properties associated with software... no
Campaign A Campaign is a grouping of adversary behavior that describes a set of malici... no
ExternalReference External references are used to describe pointers to information represented ... no
StixEntity no
ExtensionDefinition The STIX Extension Definition object allows producers of threat intelligence ... no
UnixAccountExt The Unix Account extension specifies a default extension for capturing the ad... no
WindowsServiceExt The Windows Service extension specifies properties specific to Windows servic... no
Url The URL Object represents the properties of a uniform resource locator (URL) no
Mutex The Mutex Object represents the properties of a mutual exclusion (mutex) obje... no
ThreatActor Threat Actors are actual individuals, groups, or organizations believed to be... no
RasterImageExt The Raster Image extension specifies a default extension for capturing proper... no
ObservedData Observed data conveys information that was observed on systems and networks, ... no
Identity Identities can represent actual individuals, organizations, or groups (e no
TcpExt The TCP extension specifies a default extension for capturing network traffic... no
Dictionary A dictionary captures a set of key/value pairs no
WindowsRegistryValue Structured value entry under a Windows registry key no
Hex The hex data type encodes an array of octets (8-bit bytes) as hexadecimal no
IntrusionSet An Intrusion Set is a grouped set of adversary behavior and resources with co... no
Indicator Indicators contain a pattern that can be used to detect suspicious or malicio... no
SocketExt The Socket extension specifies a default extension for capturing network traf... no
Relationship The Relationship object is used to link together two SDOs in order to describ... no
StixDomainObject no
WindowsPEOptionalHeaderType The Windows PE Optional Header type represents the properties of the PE optio... no
Sighting A Sighting denotes the belief that something in CTI (e no
StixRelationshipObject no
Properties Rules for custom properties no
WindowsPESection The Windows PE Section type specifies metadata about a PE file section no
AlternateDataStreamType Specifies properties of an NTFS alternate data stream no
ArchiveExt The Archive File extension specifies a default extension for capturing proper... no
PdfExt The PDF extension specifies a default extension for capturing properties spec... no
Location A Location represents a geographic location no
Core Common properties and behavior across all STIX Domain Objects and STIX Relati... no
AutonomousSystem The AS object represents the properties of an Autonomous Systems (AS) no
Incident The Incident object in STIX 2 no
CyberObservableObject no
NtfsExt The NTFS extension specifies a default extension for capturing properties spe... no
Malware Malware is a type of TTP that is also known as malicious code and malicious s... no
Grouping A Grouping object explicitly asserts that the referenced STIX Objects have a ... no
UserAccount The User Account Object represents an instance of any type of user account, i... no
WindowsProcessExt The Windows Process extension specifies properties specific to Windows proces... no
EmailMessage The Email Message Object represents an instance of an email message no
Note A Note is a comment or note containing informative text to help explain the c... no
Bundle A Bundle is a collection of arbitrary STIX Objects and Marking Definitions gr... no
UrlRegex Matches a URI according to RFC 3986 no
Ipv4Addr The IPv4 Address Object represents one or more IPv4 addresses expressed using... no
Artifact The Artifact Object permits capturing an array of bytes (8-bits), as a base64... no
DomainName The Domain Name represents the properties of a network domain name no
Process The Process Object represents common properties of an instance of a computer ... no
WindowsRegistryKey The Registry Key Object represents the properties of a Windows registry key no
AttackPattern Attack Patterns are a type of TTP that describe ways that adversaries attempt... no
Identifier Represents identifiers across the CTI specifications no
MarkingDefinition The marking-definition object represents a specific marking no
Vulnerability A Vulnerability is a mistake in software that can be directly used by a hacke... no
GranularMarking The granular-marking type defines how the list of marking-definition objects ... no
Opinion An Opinion is an assessment of the correctness of the information in a STIX O... no
CyberObservableCore Common properties and behavior across all Cyber Observable Objects no
Infrastructure Infrastructure objects describe systems, software services, and associated ph... no
CommonSchemaComponent no
LanguageContent The language-content object represents text content for STIX Objects represen... no
File The File Object represents the properties of a file no
NetworkTraffic The Network Traffic Object represents arbitrary network traffic that originat... no
Report Reports are collections of threat intelligence focused on one or more topics,... no

Properties

Type and Range

Property Value
Range String
Domain Of StixEntity, ExtensionDefinition, ExternalReference

Cardinality and Requirements

Property Value

Identifier and Mapping Information

Schema Source

  • from schema: https://w3id.org/lmodel/stix

Mappings

Mapping Type Mapped Value
self stix:description
native stix:description
close unified_cyber_ontology:description

LinkML Source

name: description
description: Human-readable description.
from_schema: https://w3id.org/lmodel/stix
close_mappings:
- unified_cyber_ontology:description
rank: 1000
alias: description
domain_of:
- StixEntity
- ExtensionDefinition
- ExternalReference
range: string