mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 06:04:56 +03:00
mukul975
25 lines
1.1 KiB
Markdown
25 lines
1.1 KiB
Markdown
# Standards and Frameworks Reference
|
|
|
|
## Applicable Standards
|
|
- **STIX 2.1**: Structured Threat Information eXpression for CTI data representation
|
|
- **TAXII 2.1**: Transport protocol for sharing CTI over HTTPS
|
|
- **MITRE ATT&CK**: Adversary tactics, techniques, and procedures taxonomy
|
|
- **Diamond Model**: Intrusion analysis framework (Adversary, Capability, Infrastructure, Victim)
|
|
- **Traffic Light Protocol (TLP)**: Information sharing classification (CLEAR, GREEN, AMBER, RED)
|
|
|
|
## MITRE ATT&CK Relevance
|
|
- Technique mapping for threat actor behavior classification
|
|
- Data sources for detection capability assessment
|
|
- Mitigation strategies linked to specific techniques
|
|
|
|
## Industry Frameworks
|
|
- NIST Cybersecurity Framework (CSF) 2.0 - Identify function
|
|
- ISO 27001:2022 - A.5.7 Threat Intelligence
|
|
- FIRST Standards - TLP, CSIRT, vulnerability coordination
|
|
|
|
## References
|
|
- [STIX 2.1 Specification](https://docs.oasis-open.org/cti/stix/v2.1/stix-v2.1.html)
|
|
- [MITRE ATT&CK](https://attack.mitre.org/)
|
|
- [Diamond Model Paper](https://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf)
|
|
- [NIST CSF 2.0](https://www.nist.gov/cyberframework)
|