Merge pull request #439 from julienloizelet/feat/update-crowdsec-object

feat(crowdsec): Add attributes to crowdsec-ip-context object
MISP · Aug 23, 2024 · e1c145f · e1c145f
2 parents bda91e6 + fa2973b
commit e1c145f
Showing 1 changed file with 22 additions and 2 deletions.
diff --git a/objects/crowdsec-ip-context/definition.json b/objects/crowdsec-ip-context/definition.json
@@ -29,7 +29,7 @@
       "ui-priority": 1
     },
     "background-noise": {
-      "description": "Background noise",
+      "description": "High background noise scores highlight untargeted, mild threat mass-attacks",
       "disable_correlation": true,
       "misp-attribute": "float",
       "ui-priority": 1
@@ -66,6 +66,13 @@
       "misp-attribute": "text",
       "ui-priority": 0
     },
+    "cves": {
+      "description": "CVEs exploited by the observed IP",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 1
+    },
     "dst-port": {
       "categories": [
         "Network activity",
@@ -124,6 +131,19 @@
       "misp-attribute": "float",
       "ui-priority": 1
     },
+    "mitre-techniques": {
+      "description": "MITRE ATT&CK techniques used by the observed IP",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 1
+    },
+    "reputation": {
+      "description": "Real-time, actionable IP reputation score derived from trusted reports and consensus-validated data in CrowdSec CTI",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
     "reverse-dns": {
       "categories": [
         "Network activity",
@@ -159,5 +179,5 @@
     "ip"
   ],
   "uuid": "0f0a6def-a351-4d3b-9868-d732f6f4666f",
-  "version": 3
+  "version": 4
 }