Code Monkey home page Code Monkey logo

cti-stix2-json-schemas's Introduction

cti-stix2-json-schemas

This is an OASIS TC Open Repository. See the Governance section for more information.

This repository contains non-normative JSON schemas and examples for STIX 2. The examples include short examples of particular objects, more complete use-case examples, and complete reports in STIX 2. The repository contains both JSON schemas and JSON STIX documents.

NOTE: The schemas in this repository are intended to follow the STIX 2.1 Specification, but some requirements of the specification cannot be enforced in JSON schema alone. As a result, these schemas are insufficient to determine whether a particular example of STIX 2.1 JSON is "valid". Additionally, though care has been taken to ensure that these schemas do not conflict with the specification, in case of conflict, the specification takes precedence.

Some of the checks the schemas do not contain:

  • The 'modified' property must be later or equal to 'created'.
  • Marking Definitions (both object markings and granular markings) cannot refer to themselves (no circular refs).
  • IDs for custom object types must start with the name of that type.
  • Granular Marking selectors must refer to properties or items actually present in the object.
  • Object references in the Cyber Observable layer must be valid within the local scope.
  • Custom observable objects and observable extensions must have at least one custom property.
  • Values for some Cyber Observable object properties must come from official registries (eg. artifact:mime_type must be a valid IANA MIME type).
  • Some Cyber Observable objects' *_ref and *_refs properties must point to specific types of objects (eg. process:binary_ref must point to an object of type 'file').

NOTE: If you need schemas for previous versions of the STIX 2 specification, see the Git branch corresponding to that version.

Governance

This GitHub public repository ( https://github.com/oasis-open/cti-stix2-json-schemas ) was proposed and approved [bis] by the the OASIS Cyber Threat Intelligence (CTI) TC as an OASIS TC Open Repository to support development of open source resources related to Technical Committee work.

While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct from the OASIS TC Process and related policies.

All contributions made to this TC Open Repository are subject to open source license terms expressed in the BSD-3-Clause License. That license was selected as the declared "Applicable License" when the TC Open Repository was created.

As documented in "Public Participation Invited", contributions to this OASIS TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures, the open source LICENSE designated for this particular repository, and the requirement for an Individual Contributor License Agreement that governs intellectual property.

Maintainers

TC Open Repository Maintainers are responsible for oversight of this project's community development activities, including evaluation of GitHub pull requests and preserving open source principles of openness and fairness. Maintainers are recognized and trusted experts who serve to implement community goals and consensus design preferences.

Initially, the associated TC members have designated one or more persons to serve as Maintainer(s); subsequently, participating community members may select additional or substitute Maintainers, per consensus agreements.

Current Maintainers of this TC Open Repository

About OASIS TC Open Repositories

Feedback

Questions or comments about this TC Open Repository's activities should be composed as GitHub issues or comments. If use of an issue/comment is not possible or appropriate, questions may be directed by email to the Maintainer(s) listed above. Please send general questions about TC Open Repository participation to OASIS Staff at [email protected] and any specific CLA-related questions to [email protected].

cti-stix2-json-schemas's People

Contributors

gtback avatar clenk avatar atweedmitre avatar chisholm avatar robincover avatar rpiazza avatar delliott90 avatar

Watchers

James Cloos avatar Vivek Jain avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.