Created
November 30, 2015 19:03
-
-
Save sbarnum/e3ea5e45fb8ca26c852f to your computer and use it in GitHub Desktop.
XML serialization of example STIX content from the "Incident Essentials - Who, What, When" idiom
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<stix:STIX_Package> | |
<stix:Incidents> | |
<stix:Incident id="example:incident-8236b4a2-abe0-4b56-9347-288005c4bb92" timestamp="2014-11-18T23:40:08.061362+00:00" xsi:type='incident:IncidentType' version="1.2"> | |
<incident:Title>Breach of Cyber Tech Dynamics</incident:Title> | |
<incident:Time> | |
<incident:Initial_Compromise precision="second">2012-01-30T00:00:00</incident:Initial_Compromise> | |
<incident:Incident_Discovery precision="second">2012-05-10T00:00:00</incident:Incident_Discovery> | |
<incident:Restoration_Achieved precision="second">2012-08-10T00:00:00</incident:Restoration_Achieved> | |
<incident:Incident_Reported precision="second">2012-12-10T00:00:00</incident:Incident_Reported> | |
</incident:Time> | |
<incident:Description>Intrusion into enterprise network</incident:Description> | |
<incident:Reporter> | |
<stixCommon:Description>The person who reported it</stixCommon:Description> | |
<stixCommon:Identity id="example:Identity-cd64aaa6-b1c0-4026-8ea1-14ff5a19e5fb"> | |
<stixCommon:Name>Sample Investigations, LLC</stixCommon:Name> | |
</stixCommon:Identity> | |
<stixCommon:Time> | |
<cyboxCommon:Produced_Time>2014-03-11T00:00:00</cyboxCommon:Produced_Time> | |
</stixCommon:Time> | |
</incident:Reporter> | |
<incident:Victim id="example:Identity-dd8637b7-51b4-48f0-9e3c-a2b23b3a2dd7"> | |
<stixCommon:Name>Cyber Tech Dynamics</stixCommon:Name> | |
</incident:Victim> | |
<incident:Impact_Assessment> | |
<incident:Effects> | |
<incident:Effect xsi:type="stixVocabs:IncidentEffectVocab-1.0">Financial Loss</incident:Effect> | |
</incident:Effects> | |
</incident:Impact_Assessment> | |
<incident:Confidence timestamp="2014-11-18T23:40:08.061379+00:00"> | |
<stixCommon:Value xsi:type="stixVocabs:HighMediumLowVocab-1.0">High</stixCommon:Value> | |
</incident:Confidence> | |
</stix:Incident> | |
</stix:Incidents> | |
</stix:STIX_Package> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment