Skip to content

Observables : scoring/rating #57

New issue
New issue
Closed
Closed
Observables : scoring/rating#57
Assignees
SamuelHassine
Labels
featureuse for describing a new feature to developsolveduse to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 2.1.2
@Fred-certeu

Description

@Fred-certeu
Fred-certeu
opened on Jun 11, 2019

Please replace every line in curly brackets { like this } with appropriate answers, and remove this line.

Problem to Solve

We use it for selecting observable at SOC level.
Some observables correspond to legitimate IP addresses, domain names, etc. Their use in consuming devices will generate false positive.
Some observables might be 'malicious' for sometimes.
The rating/scoring will indicate 'how malicious' a give observable is.

Current Workaround

N/A

Proposed Solution

Scoring/rating: numerical value associated to each observable.
Range: [0-100]
(0: non malicious)
(100: malicious)
The logic to calculate or set the rating can be different depending on the organisation.
It should be subject to a separate 'issue'

Additional Information

N/A

Metadata

Metadata

Assignees

Labels

featureuse for describing a new feature to developsolveduse to identify issue that has been solved (must be linked to the solving PR)

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions