twigs / core data model / configuration

A system configuration that might lead to compromise

Fields

Name Type Description
type ["configuration"] Hardcoded value to indicate what type of construct this is
id string Globally unique identifier for this construct.
revision integer The revision number of this construct. MUST be omitted if this is the first version, otherwise required.
created_at string Time at which this construct was created.
external_ids array <object> A list of external identifiers by which this construct may be known.
source string The source of this ID, i.e. name of an external system.
id string ID itself
link string A link to this construct in the external system
producer_ref string ID to the information source that produced this content
marking_refs array <string> The set of markings to be applied to this construct
structured_markings array <structured-marking> The set of L2 markings to be applied to this construct
controlled_structures array <string> A list of JSONPath statements, rooted at the top-level object that the structured_markings key is contained in, that the marking_refs apply to.
marking_refs array <string> The set of markings applied to the fields selected by the controlled_structures.
title string A title for this construct
description string A description for this construct
impact impact The impact of this vulnerability were it to be exploited
level integer The estimated severity of the impact.
intended_effects array <["Military Advantage", "Economic Advantage", "Political Advantage", "Intellectual Property Theft", "Identify Theft", "Brand Damage", "Degredation of Service", "Denial and Deception", "Destruction", "Disruption", "Exposure", "Extortion", "Fraud", "Harassment", "Watch the World Burn"]>
description string A prose description of the impact.
credibility integer The credibility of this statement, using the Admirality scale
cce_id string The CCE ID for this configuration

Relationships

Relationship Name Target Type
potential-coacourse-of-action
relatedconfiguration, weakness, vulnerability
duplicate-ofconfiguration

Samples

simple.json