All,
One of our team members put together a list of changes between WD04 and WD05 for those interested:
Part 2: SDOs and SROs
-
Attack Pattern
-
Grouping
-
object_refs are now required
-
Indicator
-
New property: pattern_type
-
New property: pattern_version
-
New relationship: indicator based-on observed-data
-
Infrastructure
-
Location
-
New property: name
-
Property renamed: code -> street_address
-
Malware
-
New relationship: malware originates-from location
-
Malware Analysis
-
Property renamed: module -> modules
-
Property type changed: string -> list of type string
-
Property renamed: av_engine_version -> analysis_engine_version
-
Property renamed: av_definition_version -> analysis_definition_version
-
Property renamed: host_vm -> host_vm_ref
-
Property renamed: operating_system -> operating_system_ref
-
Property renamed: installed_software -> installed_software_refs
-
Threat Actor
-
New property: first_seen
-
New property: last_seen
-
Tool
-
New relationship: tool has vulnerability
-
Vulnerability
-
Relationship removed:
vulnerability impacts infrastructure, tool
-
Sighting
-
New property: description
Part 4: Vocabs
-
Implementation Language (implementation-language-ov)
-
New value: perl
-
New value: ruby
Regards,
Ivan
|