This repository has been archived by the owner on Jun 10, 2021. It is now read-only.

STIX indicator parser #3

Open
3 tasks
DeemOnSecurity opened this issue Mar 18, 2021 · 0 comments
Labels
improvement: This issue or pull request will add new or improve existing functionality
version bump: This issue or pull request increments the version number

@DeemOnSecurity

💡 Summary

Write a translation layer, allowing STIX indicators to be directly ingested and queried.

Motivation and context

This would allow CISA to release threat packages that can be directly executed without manual translation.

Implementation notes

Implementation would follow our current indicator format of dropping files in the indicators folder. When we are in the loading phase of the program, the file would be ingested and parsed, then operate like normal.

Acceptance criteria

How do we know when this work is done?

  • STIX files are properly ingested and queried
  • Python module follows cisagov coding conventions
  • Tests have been written to ensure future compliance
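
An added example of the ingest-and-parse step the issue describes (not code from this repository): it reads a STIX 2.x bundle as JSON text, turns OR-joined equality comparisons into flat observables, and records why each remaining indicator was skipped. The name `load_indicators`, the output dict shape and the sample bundle are assumptions made here; the project's own indicator format is not shown on this page.

```python
import json
import re
from datetime import datetime, timezone

# One equality comparison, e.g. ipv4-addr:value = '198.51.100.7'
_CMP = r"([a-z0-9-]+):([\w.'\-\[\]*]+)\s*=\s*'((?:[^'\\]|\\.)*)'"
# Accept only a single observation whose comparisons are joined by OR;
# flattening AND / FOLLOWEDBY into separate lookups would change the meaning.
_SIMPLE = re.compile(r"\[\s*" + _CMP + r"(?:\s+OR\s+" + _CMP + r")*\s*\]")
_EACH = re.compile(_CMP)


def _ts(value):
    # STIX timestamps are UTC with a trailing "Z"
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def load_indicators(bundle_text, now=None):
    """Return (observables, skipped) for a STIX 2.x bundle given as JSON text."""
    now = now or datetime.now(timezone.utc)
    observables, skipped = [], []
    for obj in json.loads(bundle_text).get("objects", []):
        if obj.get("type") != "indicator":
            continue
        ident = obj.get("id", "<no id>")
        pattern = obj.get("pattern", "").strip()
        if obj.get("pattern_type", "stix") != "stix":  # field absent in STIX 2.0
            skipped.append((ident, "non-STIX pattern"))
        elif obj.get("revoked"):
            skipped.append((ident, "revoked"))
        elif obj.get("valid_until") and _ts(obj["valid_until"]) <= now:
            skipped.append((ident, "expired"))
        elif not _SIMPLE.fullmatch(pattern):
            skipped.append((ident, "unsupported pattern"))
        else:
            for obj_type, path, value in _EACH.findall(pattern):
                observables.append({"indicator": ident, "type": obj_type,
                                    "path": path, "value": value})
    return observables, skipped


# Constructed sample bundle (documentation-range values, made-up ids).
SAMPLE = json.dumps({"type": "bundle", "id": "bundle--example", "objects": [
    {"type": "indicator", "id": "indicator--a", "pattern_type": "stix",
     "pattern": "[ipv4-addr:value = '198.51.100.7' OR domain-name:value = 'bad.example.com']"},
    {"type": "indicator", "id": "indicator--b", "pattern_type": "stix",
     "pattern": "[ipv4-addr:value = '203.0.113.9' AND network-traffic:dst_port = 443]"},
    {"type": "indicator", "id": "indicator--c", "pattern_type": "stix",
     "valid_until": "2020-01-01T00:00:00Z", "pattern": "[url:value = 'http://old.example.com/']"},
    {"type": "indicator", "id": "indicator--d", "pattern_type": "yara", "pattern": "rule x {}"},
    {"type": "malware", "id": "malware--e", "name": "placeholder"},
]})
```

Returning the skipped list alongside the observables lets the loading phase log which indicators from a threat package were not translated, instead of dropping them silently.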
@DeemOnSecurity added the improvement and version bump labels on Mar 18, 2021