New attributes and object for patch metadata (kb_article) #702

Closed
wants to merge 14 commits into from
20 changes: 20 additions & 0 deletions dictionary.json
Expand Up @@ -319,6 +319,11 @@
"description": "The operating system build number.",
"type": "string_t"
},
"bulletin": {
"caption": "Patch Bulletin",
"description": "The vendor bulletin identfier.",
"type": "string_t"
},
"bytes": {
"caption": "Total Bytes",
"default": 0,
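Review bot: The description of the new "bulletin" entry misspells "identifier" as "identfier". These strings are what schema consumers see in the rendered documentation, so correct it to "The vendor bulletin identifier." before merge.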
Expand Down Expand Up @@ -711,6 +716,11 @@
"sibling": "classifications",
"type": "integer_t"
},
"classification": {
"caption": "Classification",
"description": "The classification as defined by the vendor.",
"type": "string_t"
},
"classifications": {
"caption": "Classifications",
"description": "The list of malware classifications, normalized to the captions of the classification_id values. In the case of 'Other', they are defined by the event source.",
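Review bot: The new "classification" key sits directly before the existing "classifications" key, which is described as the list of malware classifications, and its description "The classification as defined by the vendor." does not say what is being classified. State the subject in the description (the patch or update, going by the kb_article usage in this PR) so that anyone mapping events does not read it as the singular of "classifications".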
Expand Down Expand Up @@ -923,6 +933,11 @@
"description": "The ISO 3166-1 Alpha-2 country code. For the complete list of country codes see <a target='_blank' href='https://www.iso.org/obp/ui/#iso:pub:PUB500001:en' >ISO 3166-1 alpha-2 codes</a>.<p><b>Note:</b> The two letter country code should be capitalized. For example: <code>US</code> or <code>CA</code>.</p>",
"type": "string_t"
},
"cpe": {
"caption": "The product CPE identifier",
"description": "The Common Platform Enumeration (CPE) name as described by (<a target='_blank' href='https://nvd.nist.gov/products/cpe'>NIST</a>).",
"type": "string_t"
},
"cpu_bits": {
"caption": "CPU Bits",
"description": "The cpu architecture, the number of bits used for addressing in memory. For example: <code>32</code> or <code>64</code>.",
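Review bot: The "cpe" caption "The product CPE identifier" reads as a description, while the neighbouring entries use short title-style captions such as "CPU Bits"; something like "CPE Name" would match. In the description, the parentheses around the NIST link leave "as described by (NIST)." in the rendered text and can be dropped. None of the kb_article attributes visible in this PR references "cpe", so it would help to say where the attribute is meant to be used.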
Expand Down Expand Up @@ -2977,6 +2992,11 @@
"description": "The unique identifier of a virtual subnet.",
"type": "string_t"
},
"superseded": {
"caption": "The patch is superseded.",
"description": "The vendor patch has been replaced by another.",
"type": "boolean_t"
},
"supporting_data": {
"caption": "Supporting Data",
"description": "Additional data supporting a finding as provided by security tool",
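Review bot: The "superseded" caption "The patch is superseded." is a full sentence with a trailing period, while adjacent captions are short labels such as "Supporting Data"; use "Superseded" and keep the sentence for the description. As a bare boolean_t the attribute records only that a replacement exists, not which patch replaces it, so the description should say whether consumers are expected to find the replacement elsewhere.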
56 changes: 56 additions & 0 deletions objects/kb_article.json
@@ -0,0 +1,56 @@
{
"caption": "KB Article",
"description": "The KB Article object contains metadata that describes the patch or update.",
"extends": "object",
"name": "kb_article",
"attributes": {
"title": {
"description": "The title of the kb article.",
"requirement": "recommended"
},
"uid": {
"description": "The unique identifier for the kb article.",
"requirement": "required"
},
"os": {
"description": "The operating system the kb article applies.",
"requirement": "recommended"
},
"severity": {
"description": "The severity of the kb article.",
"requirement": "recommended"
},
"bulletin": {
"description": "The kb article bulletin identifier.",
"requirement": "optional"
},
"product": {
"description": "The product details the kb article applies.",
"requirement": "optional"
},
"superseded": {
"description": "The kb article has been replaced by another.",
"requirement": "optional"
},
"created_time": {
"description": "The date the kb article was released by the vendor.",
"requirement": "optional"
},
"size": {
"description": "The size in bytes for the kb article.",
"requirement": "optional"
},
"related_vulnerabilities": {
"description": "A list of related vulnerabilities to the kb article.",
"requirement": "optional"
},
"src_url": {
"description": "The kb article link from the source vendor.",
"requirement": "optional"
},
"classification": {
"description": "The vendors classification of the kb article.",
"requirement": "optional"
}
}
}
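Review bot: Several descriptions in the "attributes" block are missing words or punctuation: "os" and "product" both end with "the kb article applies." and need "applies to", and "classification" has "The vendors classification" where "vendor's" is meant. The caption and object description write "KB Article" while every attribute description writes "kb article"; pick one form. The object description says the article "describes the patch or update", but the "superseded" description here says the kb article itself has been replaced, whereas dictionary.json says the vendor patch has been replaced; align the two so it is clear which entity the flag refers to.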