[go: nahoru, domu]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Observables : scoring/rating #57

Closed
Fred-certeu opened this issue Jun 11, 2019 · 1 comment
Closed

Observables : scoring/rating #57

Fred-certeu opened this issue Jun 11, 2019 · 1 comment
Assignees
@SamuelHassine
Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 2.1.2

Comments

@Fred-certeu
Copy link
Fred-certeu commented Jun 11, 2019
edited
Loading

Please replace every line in curly brackets { like this } with appropriate answers, and remove this line.

Problem to Solve

We use it for selecting observable at SOC level.
Some observables correspond to legitimate IP addresses, domain names, etc. Their use in consuming devices will generate false positive.
Some observables might be 'malicious' for sometimes.
The rating/scoring will indicate 'how malicious' a give observable is.

Current Workaround

N/A

Proposed Solution

Scoring/rating: numerical value associated to each observable.
Range: [0-100]
(0: non malicious)
(100: malicious)
The logic to calculate or set the rating can be different depending on the organisation.
It should be subject to a separate 'issue'

Additional Information

N/A
@SamuelHassine SamuelHassine added the feature use for describing a new feature to develop label Jun 20, 2019
@SamuelHassine SamuelHassine added this to the v1.0.0 milestone Jun 27, 2019
@SamuelHassine
Copy link
Member

A score is now computed at the observable level and based on a new attribute "score" attached to the relations of type "indicates" that relates observables to threats.

@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Jun 27, 2019
SamuelHassine pushed a commit that referenced this issue Jun 27, 2019
#57 Enhance analytics and compute average scores of observables
7f3bd87
@SamuelHassine SamuelHassine reopened this Jun 28, 2019
@SamuelHassine SamuelHassine removed the solved use to identify issue that has been solved (must be linked to the solving PR) label Dec 14, 2019
@SamuelHassine SamuelHassine self-assigned this Dec 14, 2019
@SamuelHassine SamuelHassine reopened this Dec 14, 2019
@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Dec 19, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SamuelHassine SamuelHassine

Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 2.1.2
Development

No branches or pull requests
2 participants
@SamuelHassine @Fred-certeu