[Marketplace Contribution] MISP - Indicator Sharing

Packs/MISP-IndicatorSharing/IncidentFields/incidentfield-CNCS_Classification.json

@@ -0,0 +1,43 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "cncsclassification",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 0,
+    "hidden": false,
+    "id": "incident_cncsclassification",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "CNCS_Classification",
+    "neverSetAsRequired": false,
+    "openEnded": false,
+    "ownerOnly": false,
+    "propagationLabels": [
+        "all"
+    ],
+    "required": false,
+    "selectValues": [
+        "",
+        "Código Malicioso",
+        "Disponibilidade",
+        "Recolha de Informação",
+        "Intrusão",
+        "Tentativa de Intrusão",
+        "Segurança da Informação",
+        "Fraude",
+        "Conteúdo Abusivo",
+        "Vulnerabilidade",
+        "Outro"
+    ],
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "singleSelect",
+    "unmapped": false,
+    "unsearchable": false,
+    "useAsKpi": false,
+    "version": -1,
+    "fromVersion": "6.0.0"
+}

Packs/MISP-IndicatorSharing/IncidentFields/incidentfield-CNCS_Type.json

@@ -0,0 +1,73 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "cncstype",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 0,
+    "hidden": false,
+    "id": "incident_cncstype",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "CNCS_Type",
+    "neverSetAsRequired": false,
+    "openEnded": false,
+    "ownerOnly": false,
+    "propagationLabels": [
+        "all"
+    ],
+    "required": false,
+    "selectValues": [
+        "",
+        "Sistema Infetado",
+        "Distribuição de Malware",
+        "Servidor C2",
+        "Configuração de Malware",
+        "Negação de Serviço",
+        "Negação de Serviço Distribuída",
+        "Configuração incorreta",
+        "Sabotagem",
+        "Interrupção",
+        "Scanning",
+        "Sniffing",
+        "Engenharia Social",
+        "Comprometimento de Conta Privilegiada",
+        "Comprometimento de Conta Não Privilegiada",
+        "Comprometimento de Aplicação",
+        "Comprometimento de Sistema",
+        "Arrombamento",
+        "Exploração de Vulnerabilidade",
+        "Tentativa de Login",
+        "Nova assinatura de ataque",
+        "Acesso não autorizado",
+        "Modificação não autorizada",
+        "Perda de dados",
+        "Exfiltração de Informação",
+        "Utilização indevida ou não autorizada de recursos",
+        "Direitos de autor",
+        "Utilização ilegítima de nome de terceiros",
+        "Phishing",
+        "Spam",
+        "Discurso Nocivo",
+        "Exploração sexual de menores",
+        "racismo e apologia da violência",
+        "Criptografia fraca",
+        "Amplificador DDoS",
+        "Serviços acessíveis potencialmente indesejados",
+        "Revelação de informação",
+        "Sistema vulnerável",
+        "Sem tipo",
+        "Indeterminado",
+        "Teste"
+    ],
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "singleSelect",
+    "unmapped": false,
+    "unsearchable": false,
+    "useAsKpi": false,
+    "version": -1,
+    "fromVersion": "6.0.0"
+}

Packs/MISP-IndicatorSharing/IncidentFields/incidentfield-enisacode.json

@@ -0,0 +1,72 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "enisacode",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 0,
+    "hidden": false,
+    "id": "incident_enisacode",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "enisacode",
+    "neverSetAsRequired": false,
+    "openEnded": false,
+    "ownerOnly": false,
+    "propagationLabels": [
+        "all"
+    ],
+    "required": false,
+    "selectValues": [
+        "",
+        "Malicious Code:Infected System",
+        "Malicious Code:Malware Distribution",
+        "Malicious Code:C2 Server",
+        "Malicious Code:Malware Configuration",
+        "Availability:Denial of Service",
+        "Availability:Distributed Denial of Service",
+        "Availability:Misconfiguration",
+        "Availability:Sabotage",
+        "Availability:Outage",
+        "Information Gathering:Scanning",
+        "Information Gathering:Sniffing",
+        "Information Gathering:Social Engineering",
+        "Intrusions:Privileged Account Compromise",
+        "Intrusions:Unprivileged Account Compromise",
+        "Intrusions:Application Compromise",
+        "Intrusions:System Compromise",
+        "Intrusions:Burglary",
+        "Intrusion Attempts:Exploitation of known Vulnerabilities",
+        "Intrusion Attempts:Login attempts",
+        "Intrusion Attempts:New attack signature",
+        "Information Content Security:Unauthorised access to information",
+        "Information Content Security:Unauthorised modification of information",
+        "Information Content Security:Data Loss",
+        "Information Content Security:Leak of confidential information",
+        "Fraud:Unauthorised use of resources",
+        "Fraud:Copyright",
+        "Fraud:Masquerade",
+        "Fraud:Phishing",
+        "Abusive Content:Spam",
+        "Abusive Content:Harmful Speech",
+        "Abusive Content:(Child) Sexual Exploitation/Sexual/Violent Content",
+        "Vulnerable:Weak crypto",
+        "Vulnerable:DDoS amplifier",
+        "Vulnerable:Potentially unwanted accessible services",
+        "Vulnerable:Information disclosure",
+        "Vulnerable:Vulnerable system",
+        "Other:Uncategorised",
+        "Other:Undetermined",
+        "Test:Test"
+    ],
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "singleSelect",
+    "unmapped": false,
+    "unsearchable": false,
+    "useAsKpi": false,
+    "version": -1,
+    "fromVersion": "6.0.0"
+}