Security Incident-Identification Schema

Identifying Security Incidents Related to Advanced Persistent Threats (APTs)

Group Categorization

Group Reviews

Recent Incidents

General Source: VERIS Community

Identifying Threats Using Patterns:

  • Actor: [Individual or entity responsible for the threat]

  • Action: [Actions taken or methods used by the threat actor]

  • Asset: [Targeted resources or information]

  • Attribute: [Characteristics or properties related to the incident]

Action Framework

Structured Threat Information eXpression (STIX)

Source: STIX Project

Kill Chain Mapping

Information list for kill chain mapping

Source: Lockheed Martin - Intel Driven Defense

Prioritized Defended Asset List (PDAL)

List and prioritize assets to defend

Source:
