Page Index - STIXProject/use-cases GitHub Wiki

277 page(s) in this GitHub Wiki:

• Home
• High Level Use cases identified for STIX include:
• Detailed Use cases identified for STIX include:
• To propose a new use case please:
• Use case title (replace with your title)
• Asserting Data Markings on Content
• Please reload this page
• Incident Recovery
• Please reload this page
• Incident Response
• Please reload this page
• New use case template (cut and paste this content into your new use case wiki page then flesh out)
• Please reload this page
• Proposing New Use Cases
• Please reload this page
• Use Case: Analyzing Cyber Threats
• Please reload this page
• Use Case: Analyzing Cyber Threats in Real Time Machine to Human
• Please reload this page
• Use Case: Anonymized Indicator Sighting Reporting
• Please reload this page
• Use Case: Asserting Relationships Between Content
• Please reload this page
• Use Case: Asset Risk Analysis
• Please reload this page
• Use Case: Asset Risk Characterization
• Please reload this page
• Use Case: Attack Infrastructure Analysis and Characterization
• Please reload this page
• Use Case: Attack Infrastructure Attribution Analysis
• Please reload this page
• Use Case: Attack Infrastructure Characterization
• Please reload this page
• Use Case: Attack Infrastructure Comparative Analysis
• Please reload this page
• Use Case: Attack Infrastructure Family Lineage Analysis
• Please reload this page
• Use Case: Attack Pattern Analysis and Characterization
• Please reload this page
• Use Case: Attack Pattern Comparative Analysis
• Please reload this page
• Use Case: Attack Tool Analysis and Characterization
• Please reload this page
• Use Case: Attack Tool Attribution Analysis
• Please reload this page
• Use Case: Attack Tool Characterization
• Please reload this page
• Use Case: Attack Tool Comparative Analysis
• Please reload this page
• Use Case: Attack Tool Family Lineage Analysis
• Please reload this page
• Use Case: Attacker Persona Analysis and Characterization
• Please reload this page
• Use Case: Attribution Analysis
• Please reload this page
• Use Case: Automated COA Deployment
• Please reload this page
• Use Case: Automated COA Selection
• Please reload this page
• Use Case: Automated COA Transformation
• Please reload this page
• Use Case: Campaign Analysis
• Please reload this page
• Use Case: Campaign Attribution Analysis
• Please reload this page
• Use Case: Campaign Incident Mapping Analysis
• Please reload this page
• Use Case: Campaign Motivation Analysis
• Please reload this page
• Use Case: Campaign TTP Mapping Analysis
• Please reload this page
• Use Case: Campaign Victim Targeting Analysis
• Please reload this page
• Use Case: CES 21 MMATRS project
• Please reload this page
• Use Case: COA Analysis
• Please reload this page
• Use Case: COA Characterization
• Please reload this page
• Use Case: COA Mapping to Purpose
• Please reload this page
• Use Case: COA Selection
• Please reload this page
• Use Case: COA Structured Characterization
• Please reload this page
• Use Case: Collaborative Malware Analysis
• Please reload this page
• Use Case: Configuration Characterization
• Please reload this page
• Use Case: Content Comparative Analysis
• Please reload this page
• Use Case: Create New Content
• Please reload this page
• Use Case: CTI Report Scoping and Aggregation
• Please reload this page
• Use Case: Cyber Breach Analysis and Categorization
• Please reload this page
• Use Case: Cyber Incident Breach Reporting
• Please reload this page
• Use Case: Cyber Threat Detection
• Please reload this page
• Use Case: Cyber Threat Indicator Sharing
• Please reload this page
• Use Case: Cyber Threat Prevention
• Please reload this page
• Use Case: Exploit Analysis and Characterization
• Please reload this page
• Use Case: Exploit Reverse Engineering
• Please reload this page
• Use Case: Exploit Target Analysis
• Please reload this page
• Use Case: Exploit Target Susceptibility Analysis
• Please reload this page
• Use Case: Holistic Threat Intelligence Report Sharing
• Please reload this page
• Use Case: Identifying Duplicate Content
• Please reload this page
• Use Case: Identifying Exact Duplicate Content from a different Producer
• Please reload this page
• Use Case: Identifying Exact Duplicate Content from the Same Producer
• Please reload this page
• Use Case: Identifying Partially Duplicate Content
• Please reload this page
• Use Case: Identifying Relationships between Content
• Please reload this page
• Use Case: Incident Analysis
• Please reload this page
• Use Case: Incident Attribution
• Please reload this page
• Use Case: Incident Attribution Analysis
• Please reload this page
• Use Case: Incident Categorization Analysis
• Please reload this page
• Use Case: Incident Comparative Analysis
• Please reload this page
• Use Case: Incident Impact Assessment
• Please reload this page
• Use Case: Incident Indicator Analysis
• Please reload this page
• Use Case: Incident Response
• Please reload this page
• Use Case: Incident Timeline Analysis
• Please reload this page
• Use Case: Incident TTP Analysis
• Please reload this page
• Use Case: Incident Victim Targeting Analysis
• Please reload this page
• Use Case: Indicator Analysis
• Please reload this page
• Use Case: Indicator Comparative Analysis
• Please reload this page
• Use Case: Indicator Composition Analysis
• Please reload this page
• Use Case: Indicator Deduplication
• Please reload this page
• Use Case: Indicator Duplication Identification
• Please reload this page
• Use Case: Indicator Efficacy Analysis
• Please reload this page
• Use Case: Indicator Extraction
• Please reload this page
• Use Case: Indicator Extraction from CTI
• Please reload this page
• Use Case: Indicator Extraction from Digital Forensics Analysis
• Please reload this page
• Use Case: Indicator Extraction from Malware Analysis
• Please reload this page
• Use Case: Indicator Extraction from Sensor or Log Data
• Please reload this page
• Use Case: Indicator Sighting Analysis
• Please reload this page
• Use Case: Indicator Sighting Reporting
• Please reload this page
• Use Case: Indicator Sighting Reporting with Count
• Please reload this page
• Use Case: Indicator Sighting Reporting with Specific Observation
• Please reload this page
• Use Case: Indicator to KillChain Mapping Analysis
• Please reload this page
• Use Case: Intended Effect Analysis
• Please reload this page
• Use Case: Kill Chain Analysis
• Please reload this page
• Use Case: Kill Chain Characterization
• Please reload this page
• Use Case: Kill Chain Temporal Analysis
• Please reload this page
• Use Case: Malware Analysis and Characterization
• Please reload this page
• Use Case: Malware Analysis Sharing
• Please reload this page
• Use Case: Malware Behavioral Analysis
• Please reload this page
• Use Case: Malware Comparative Analysis
• Please reload this page
• Use Case: Malware Family Lineage Analysis
• Please reload this page
• Use Case: Malware Reverse Engineering
• Please reload this page
• Use Case: Malware Structural Analysis
• Please reload this page
• Use Case: Management of Content Over Time
• Please reload this page
• Use Case: Management of Content Sharing Over Time
• Please reload this page
• Use Case: Managing Content Control
• Please reload this page
• Use Case: Managing Cyber Threat Response Activities
• Please reload this page
• Use Case: Managing Situational Awareness
• Please reload this page
• Use Case: Negotiation Agreement on Technical Factors for Cyber Threat Information Exchange
• Please reload this page
• Use Case: Prioritizing Cyber Threats
• Please reload this page
• Use Case: Publish Content
• Please reload this page
• Use Case: Qualifying Asserted Relationship Confidence
• Please reload this page
• Use Case: Receive Content
• Please reload this page
• Use Case: Reshare Content
• Please reload this page
• Use Case: Security Tool Integration
• Please reload this page
• Use Case: Share Cyber Threat Information
• Please reload this page
• Use Case: Shared Content Source Assessment
• Please reload this page
• Use Case: Sighting Analysis
• Please reload this page
• Use Case: Simple Indicator Sighting Reporting ( 1)
• Please reload this page
• Use Case: Specifying Indicator Patterns for Cyber Threats
• Please reload this page
• Use Case: Threat Actor Capability Analysis
• Please reload this page
• Use Case: Threat Actor Characterization
• Please reload this page
• Use Case: Threat Actor Identity Analysis
• Please reload this page
• Use Case: Threat Actor Kill Chain Analysis
• Please reload this page
• Use Case: Threat Actor Modus Operandi Analysis
• Please reload this page
• Use Case: Threat Actor Motivation Analysis
• Please reload this page
• Use Case: Threat Actor Predictive Intent Analysis
• Please reload this page
• Use Case: TTP Analysis
• Please reload this page
• Use Case: TTP Exploit Targeting Analysis and Characterization
• Please reload this page
• Use Case: TTP Targeted Configuration Identification
• Please reload this page
• Use Case: TTP Targeted Vulnerability Identification
• Please reload this page
• Use Case: TTP Targeted Weakness Identification
• Please reload this page
• Use Case: TTP to KillChain Mapping Analysis
• Please reload this page
• Use Case: Update Content
• Please reload this page
• Use Case: Victim Targeting Analysis and Characterization
• Please reload this page
• Use Case: Victim Targeting by Identity Characterization
• Please reload this page
• Use Case: Victim Targeting by Information Type Characterization
• Please reload this page
• Use Case: Victim Targeting by System Type Characterization
• Please reload this page
• Use Case: Victim Targeting by Technical Context Characterization
• Please reload this page
• Use Case: Vulnerability Characterization
• Please reload this page
• Use Case: Weakness Characterization
• Please reload this page