The SecurityCompromiseVocab is the default STIX vocabulary for expressing whether or not an incident resulted in a security compromise.
Item | Description |
---|---|
Yes | It has been confirmed that this incident resulted in a security compromise. |
Suspected | It is suspected that this incident resulted in a security compromise. |
No | It has been confirmed that this incident did not result in a security compromise. |
Unknown | It is not known whether this incident resulted in a security compromise. |
Field Name | Type | Description |
---|---|---|
@vocab_nameoptional | string |
The vocab_name field specifies the name of the controlled vocabulary. |
@vocab_referenceoptional | anyURI |
The vocab_reference field specifies the URI to the location of where the controlled vocabulary is defined, e.g., in an externally located XML schema file. |