diff --git a/dictionary.json b/dictionary.json index 2e0436fb2..7f276cd05 100644 --- a/dictionary.json +++ b/dictionary.json @@ -319,6 +319,11 @@ "description": "The operating system build number.", "type": "string_t" }, + "bulletin": { + "caption": "Patch Bulletin", + "description": "The vendor bulletin identfier.", + "type": "string_t" + }, "bytes": { "caption": "Total Bytes", "default": 0, @@ -711,6 +716,11 @@ "sibling": "classifications", "type": "integer_t" }, + "classification": { + "caption": "Classification", + "description": "The classification as defined by the vendor.", + "type": "string_t" + }, "classifications": { "caption": "Classifications", "description": "The list of malware classifications, normalized to the captions of the classification_id values. In the case of 'Other', they are defined by the event source.", @@ -923,6 +933,11 @@ "description": "The ISO 3166-1 Alpha-2 country code. For the complete list of country codes see ISO 3166-1 alpha-2 codes.

Note: The two letter country code should be capitalized. For example: US or CA.

", "type": "string_t" }, + "cpe": { + "caption": "The product CPE identifier", + "description": "The Common Platform Enumeration (CPE) name as described by (NIST).", + "type": "string_t" + }, "cpu_bits": { "caption": "CPU Bits", "description": "The cpu architecture, the number of bits used for addressing in memory. For example: 32 or 64.", @@ -1754,6 +1769,11 @@ "description": "The user's job title.", "type": "string_t" }, + "kb_article": { + "caption": "Knowledgebase Article describes the patch or update", + "description": "The KB article/s related to the entity", + "type": "kb_article" + }, "kb_articles": { "caption": "Knowledgebase Articles", "description": "The KB article/s related to the entity", @@ -2977,6 +2997,11 @@ "description": "The unique identifier of a virtual subnet.", "type": "string_t" }, + "superseded": { + "caption": "The patch is superseded.", + "description": "The vendor patch has been replaced by another.", + "type": "boolean_t" + }, "supporting_data": { "caption": "Supporting Data", "description": "Additional data supporting a finding as provided by security tool", diff --git a/objects/kb_article.json b/objects/kb_article.json new file mode 100644 index 000000000..7c903b244 --- /dev/null +++ b/objects/kb_article.json @@ -0,0 +1,56 @@ +{ + "caption": "KB Article", + "description": "The KB Article object contains metadata that describes the patch or update.", + "extends": "object", + "name": "kb_article", + "attributes": { + "title": { + "description": "The title of the kb article.", + "requirement": "recommended" + }, + "uid": { + "description": "The unique identifier for the kb article.", + "requirement": "required" + }, + "os": { + "description": "The operating system the kb article applies.", + "requirement": "recommended" + }, + "severity": { + "description": "The severity of the kb article.", + "requirement": "recommended" + }, + "bulletin": { + "description": "The kb article bulletin identifier.", + "requirement": "optional" + }, + "product": { + "description": "The product details the kb article applies.", + "requirement": "optional" + }, + "superseded": { + "description": "The kb article has been replaced by another.", + "requirement": "optional" + }, + "created_time": { + "description": "The date the kb article was released by the vendor.", + "requirement": "optional" + }, + "size": { + "description": "The size in bytes for the kb article.", + "requirement": "optional" + }, + "related_vulnerabilities": { + "description": "A list of related vulnerabilities to the kb article.", + "requirement": "optional" + }, + "src_url": { + "description": "The kb article link from the source vendor.", + "requirement": "optional" + }, + "classification": { + "description": "The vendors classification of the kb article.", + "requirement": "optional" + } + } +}