Skip to content

Slot: labels

Terms used to describe this object.

URI: stix:labels Alias: labels

Applicable Classes

Name Description Modifies Slot
Campaign A Campaign is a grouping of adversary behavior that describes a set of malici... no
Grouping A Grouping object explicitly asserts that the referenced STIX Objects have a ... no
Incident The Incident object in STIX 2 no
Note A Note is a comment or note containing informative text to help explain the c... no
StixDomainObject no
Identity Identities can represent actual individuals, organizations, or groups (e no
Vulnerability A Vulnerability is a mistake in software that can be directly used by a hacke... no
AttackPattern Attack Patterns are a type of TTP that describe ways that adversaries attempt... no
Tool Tools are legitimate software that can be used by threat actors to perform at... no
IntrusionSet An Intrusion Set is a grouped set of adversary behavior and resources with co... no
LanguageContent The language-content object represents text content for STIX Objects represen... no
StixRelationshipObject no
Opinion An Opinion is an assessment of the correctness of the information in a STIX O... no
CourseOfAction A Course of Action is an action taken either to prevent an attack or to respo... no
MalwareAnalysis Malware Analysis captures the metadata and results of a particular analysis p... no
Location A Location represents a geographic location no
Relationship The Relationship object is used to link together two SDOs in order to describ... no
ObservedData Observed data conveys information that was observed on systems and networks, ... no
ExtensionDefinition The STIX Extension Definition object allows producers of threat intelligence ... no
Indicator Indicators contain a pattern that can be used to detect suspicious or malicio... no
Infrastructure Infrastructure objects describe systems, software services, and associated ph... no
ThreatActor Threat Actors are actual individuals, groups, or organizations believed to be... no
Sighting A Sighting denotes the belief that something in CTI (e no
Core Common properties and behavior across all STIX Domain Objects and STIX Relati... yes
Malware Malware is a type of TTP that is also known as malicious code and malicious s... no
Report Reports are collections of threat intelligence focused on one or more topics,... no

Properties

Type and Range

Property Value
Range String
Domain Of Core

Cardinality and Requirements

Property Value
Multivalued Yes

Identifier and Mapping Information

Schema Source

  • from schema: https://w3id.org/lmodel/stix

Mappings

Mapping Type Mapped Value
self stix:labels
native stix:labels
close unified_cyber_ontology:tag

LinkML Source

name: labels
description: Terms used to describe this object.
from_schema: https://w3id.org/lmodel/stix
close_mappings:
- unified_cyber_ontology:tag
rank: 1000
alias: labels
domain_of:
- Core
range: string
multivalued: true