From 83d16f160cd70fb63cc95a600a1d3cfc320feecc Mon Sep 17 00:00:00 2001 From: Mike CL Date: Sat, 1 Oct 2022 21:16:10 +0200 Subject: [PATCH 1/9] Add optional NOT syntax to EXISTS in patterns --- pattern_grammar/STIXPattern.g4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pattern_grammar/STIXPattern.g4 b/pattern_grammar/STIXPattern.g4 index e125d7f..64ea032 100644 --- a/pattern_grammar/STIXPattern.g4 +++ b/pattern_grammar/STIXPattern.g4 @@ -50,7 +50,7 @@ propTest | objectPath NOT? ISSUBSET StringLiteral # propTestIsSubset | objectPath NOT? ISSUPERSET StringLiteral # propTestIsSuperset | LPAREN comparisonExpression RPAREN # propTestParen - | EXISTS objectPath # propTestExists + | NOT? EXISTS objectPath # propTestExists ; startStopQualifier From e417a3b96fdb3525144a652ff79739143818e619 Mon Sep 17 00:00:00 2001 From: Mike Date: Sat, 1 Oct 2022 21:26:36 +0200 Subject: [PATCH 2/9] Streamline indentation --- pattern_grammar/STIXPattern.g4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pattern_grammar/STIXPattern.g4 b/pattern_grammar/STIXPattern.g4 index 64ea032..217557e 100644 --- a/pattern_grammar/STIXPattern.g4 +++ b/pattern_grammar/STIXPattern.g4 @@ -50,7 +50,7 @@ propTest | objectPath NOT? ISSUBSET StringLiteral # propTestIsSubset | objectPath NOT? ISSUPERSET StringLiteral # propTestIsSuperset | LPAREN comparisonExpression RPAREN # propTestParen - | NOT? EXISTS objectPath # propTestExists + | NOT? EXISTS objectPath # propTestExists ; startStopQualifier From 80ba2b530576b2305179ec1fed3d7b3cf50c09c9 Mon Sep 17 00:00:00 2001 From: Chris Lenk Date: Thu, 27 Oct 2022 10:13:55 -0400 Subject: [PATCH 3/9] Update link to STIX Patterning documentation --- pattern_grammar/STIXPattern.g4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pattern_grammar/STIXPattern.g4 b/pattern_grammar/STIXPattern.g4 index e125d7f..6b63aa9 100644 --- a/pattern_grammar/STIXPattern.g4 +++ b/pattern_grammar/STIXPattern.g4 @@ -1,6 +1,6 @@ // This is an ANTLR4 grammar for the STIX Patterning Language. // -// http://docs.oasis-open.org/cti/stix/v2.0/stix-v2.0-part5-stix-patterning.html +// https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_e8slinrhxcc9 grammar STIXPattern; From 016c3ed57f124295f4ebab7d66fa51c07a2cf9ac Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Tue, 22 Nov 2022 18:26:12 -0600 Subject: [PATCH 4/9] update workflow due to Node 12 deprecation --- .github/workflows/python-ci-tests.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/python-ci-tests.yml b/.github/workflows/python-ci-tests.yml index 692dfb5..683000a 100644 --- a/.github/workflows/python-ci-tests.yml +++ b/.github/workflows/python-ci-tests.yml @@ -10,13 +10,13 @@ jobs: name: Python 3.x Build steps: - - uses: actions/checkout@v2 - - name: Use Node.js 12.x - uses: actions/setup-node@v1 + - uses: actions/checkout@v3 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: '12.x' + node-version: 16 - name: Set up Python 3.x - uses: actions/setup-python@v2 + uses: actions/setup-python@v4 with: python-version: '3.x' - name: Install and update essential dependencies From c5d24c6da64e5e9fc95e06265235584870cd1545 Mon Sep 17 00:00:00 2001 From: OASIS-OP-Admin <47402065+OASIS-OP-Admin@users.noreply.github.com> Date: Tue, 6 Jun 2023 14:56:10 -0400 Subject: [PATCH 5/9] fixing i-cla links --- CONTRIBUTING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 6908972..40924a4 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,7 +2,7 @@ ## Public Participation Invited -This [OASIS TC Open Repository](https://www.oasis-open.org/resources/open-repositories) ( **[github.com/oasis-open/cti-stix2-json-schemas](https://github.com/oasis-open/cti-stix2-json-schemas)** ) is a community public repository that supports participation by anyone, whether affiliated with OASIS or not. Substantive contributions (repository "code") and related feedback is invited from all parties, following the common conventions for participation in GitHub public repository projects. Participation is expected to be consistent with the [OASIS TC Open Repository Guidelines and Procedures](https://www.oasis-open.org/policies-guidelines/open-repositories), the [LICENSE](https://www.oasis-open.org/sites/www.oasis-open.org/files/BSD-3-Clause.txt) designated for this particular repository (BSD-3-Clause License), and the requirement for an [Individual Contributor License Agreement](https://www.oasis-open.org/resources/open-repositories/cla/individual-cla). Please see the repository [README](https://github.com/oasis-open/cti-stix2-json-schemas/blob/master/README.md) document for other details. +This [OASIS TC Open Repository](https://www.oasis-open.org/resources/open-repositories) ( **[github.com/oasis-open/cti-stix2-json-schemas](https://github.com/oasis-open/cti-stix2-json-schemas)** ) is a community public repository that supports participation by anyone, whether affiliated with OASIS or not. Substantive contributions (repository "code") and related feedback is invited from all parties, following the common conventions for participation in GitHub public repository projects. Participation is expected to be consistent with the [OASIS TC Open Repository Guidelines and Procedures](https://www.oasis-open.org/policies-guidelines/open-repositories), the [LICENSE](https://www.oasis-open.org/sites/www.oasis-open.org/files/BSD-3-Clause.txt) designated for this particular repository (BSD-3-Clause License), and the requirement for an [Individual Contributor License Agreement](https://cla-assistant.io/oasis-open/Open-Repo-admin). Please see the repository [README](https://github.com/oasis-open/cti-stix2-json-schemas/blob/master/README.md) document for other details. ## Governance Distinct from OASIS TC Process @@ -14,7 +14,7 @@ Because different licenses apply to the OASIS TC's specification work, and this ## Contributions Subject to Individual CLA -Formally, "contribution" to this TC Open Repository refers to content merged into the "Code" repository (repository changes represented by code [commits](https://github.com/oasis-open/cti-stix2-json-schemas/commits/master)), following the GitHub definition of _[contributor](https://help.github.com/articles/github-glossary/#contributor)_: "someone who has contributed to a project by having a pull request merged but does not have collaborator [*i.e.*, direct write] access." Anyone who signs the TC Open Repository [Individual Contributor License Agreement (CLA)](https://www.oasis-open.org/resources/open-repositories/cla/individual-cla), signifying agreement with the licensing requirement, may contribute substantive content — subject to evaluation of a GitHub pull request. The main web page for this repository, as with any GitHub public repository, displays a link to a document listing contributions to the repository's default branch (filtered by Commits, Additions, and Deletions). +Formally, "contribution" to this TC Open Repository refers to content merged into the "Code" repository (repository changes represented by code [commits](https://github.com/oasis-open/cti-stix2-json-schemas/commits/master)), following the GitHub definition of _[contributor](https://help.github.com/articles/github-glossary/#contributor)_: "someone who has contributed to a project by having a pull request merged but does not have collaborator [*i.e.*, direct write] access." Anyone who signs the TC Open Repository [Individual Contributor License Agreement (CLA)](https://cla-assistant.io/oasis-open/Open-Repo-admin), signifying agreement with the licensing requirement, may contribute substantive content — subject to evaluation of a GitHub pull request. The main web page for this repository, as with any GitHub public repository, displays a link to a document listing contributions to the repository's default branch (filtered by Commits, Additions, and Deletions). This TC Open Repository, as with GitHub public repositories generally, also accepts public feedback from any GitHub user. Public feedback includes opening issues, authoring and editing comments, participating in conversations, making wiki edits, creating repository stars, and making suggestions via pull requests. Such feedback does not constitute an OASIS TC Open Repository [contribution](#openRepoContribution). Some details are presented under "Read permissions" in the table of [permission levels](https://help.github.com/articles/repository-permission-levels-for-an-organization/) for a GitHub organization. Technical content intended as a substantive contribution (repository "Code") to an TC Open Repository is subject to evaluation, and requires a signed Individual CLA. From f923f7ee3d7a68346264f0959456e31216c6f409 Mon Sep 17 00:00:00 2001 From: OASIS-OP-Admin <47402065+OASIS-OP-Admin@users.noreply.github.com> Date: Tue, 28 Nov 2023 16:24:38 -0500 Subject: [PATCH 6/9] Update README.md updating maintainers --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e141856..1398d0d 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ Initially, the associated TC members have designated one or more persons to serv * [Jason Keirstead](mailto:Jason.Keirstead@ca.ibm.com); GitHub ID: [https://github.com/JasonKeirstead](https://github.com/JasonKeirstead); WWW: [IBM](http://www.ibm.com/) * [Emily Ratliff](mailto:Emily.Ratliff@ibm.com); GitHub ID: [https://github.com/ejratl](https://github.com/ejratl); WWW: [IBM](http://www.ibm.com/) - * [Duncan Sparrell](mailto:duncan@sfractal.com); GitHub ID: [https://github.com/sparrell](https://github.com/sparrell); WWW: [sFractal](http://sfractal.com/) + * [Rich Piazza](mailto:rpiazza@mitre.org); GitHub ID: [https://github.com/rpiazza](https://github.com/rpiazza) WWW: [MITRE](http://www.mitre.org/) ## About OASIS TC Open Repositories From a433750aaa1d1ba229465d3eecf3ef3d80bfb2b7 Mon Sep 17 00:00:00 2001 From: Chris Lenk Date: Thu, 14 Mar 2024 09:44:21 -0400 Subject: [PATCH 7/9] Fix network traffic http-request request_header From the 2.1 spec: > The corresponding value for each dictionary key MUST always be a list of type string to support when a header field is repeated. With thanks to @JasperJuergensen for spotting the issue and suggesting the fix. --- schemas/observables/network-traffic.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/schemas/observables/network-traffic.json b/schemas/observables/network-traffic.json index 2a4cfb8..86cba60 100644 --- a/schemas/observables/network-traffic.json +++ b/schemas/observables/network-traffic.json @@ -198,7 +198,10 @@ "description": "Specifies all of the HTTP header fields that may be found in the HTTP client request, as a dictionary.", "patternProperties": { "^.+$": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, "additionalProperties": false From c1c9cc436e3bc5366beee4da74a1b436348f23ec Mon Sep 17 00:00:00 2001 From: Chris Lenk Date: Thu, 14 Mar 2024 13:57:03 -0400 Subject: [PATCH 8/9] Allow -ext extensions in SDOs (Not explicitly disallowed by the spec) --- schemas/common/core.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/schemas/common/core.json b/schemas/common/core.json index 1e10205..e898440 100644 --- a/schemas/common/core.json +++ b/schemas/common/core.json @@ -109,6 +109,11 @@ "type": "object", "minProperties": 1, "patternProperties": { + "^([a-z][a-z0-9]*)+(-[a-z0-9]+)*\\-ext$": { + "type": "object", + "minProperties": 1, + "allOf": [{ "$ref": "../common/properties.json" }] + }, "^extension-definition--[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$": { "allOf": [{ "$ref": "../common/extension.json" }] } @@ -148,4 +153,4 @@ "created", "modified" ] -} \ No newline at end of file +} From 2170b992b29486f53205dd003fdf2a0fe7df3b34 Mon Sep 17 00:00:00 2001 From: Chris Lenk Date: Wed, 3 Apr 2024 11:16:18 -0400 Subject: [PATCH 9/9] Use more standard URL for $schema --- schemas/common/binary.json | 2 +- schemas/common/bundle.json | 2 +- schemas/common/cyber-observable-core.json | 2 +- schemas/common/dictionary.json | 2 +- schemas/common/extension-definition.json | 2 +- schemas/common/extension.json | 2 +- schemas/common/external-reference.json | 2 +- schemas/common/granular-marking.json | 2 +- schemas/common/hashes-type.json | 2 +- schemas/common/hex.json | 2 +- schemas/common/identifier.json | 2 +- schemas/common/kill-chain-phase.json | 2 +- schemas/common/language-content.json | 2 +- schemas/common/marking-definition.json | 2 +- schemas/common/properties.json | 2 +- schemas/common/timestamp.json | 2 +- schemas/common/url-regex.json | 2 +- schemas/observables/artifact.json | 2 +- schemas/observables/autonomous-system.json | 2 +- schemas/observables/directory.json | 2 +- schemas/observables/domain-name.json | 2 +- schemas/observables/email-addr.json | 2 +- schemas/observables/email-message.json | 2 +- schemas/observables/file.json | 2 +- schemas/observables/ipv4-addr.json | 2 +- schemas/observables/ipv6-addr.json | 2 +- schemas/observables/mac-addr.json | 2 +- schemas/observables/mutex.json | 2 +- schemas/observables/network-traffic.json | 2 +- schemas/observables/process.json | 2 +- schemas/observables/software.json | 2 +- schemas/observables/url.json | 2 +- schemas/observables/user-account.json | 2 +- schemas/observables/windows-registry-key.json | 2 +- schemas/observables/x509-certificate.json | 2 +- schemas/sdos/attack-pattern.json | 2 +- schemas/sdos/campaign.json | 2 +- schemas/sdos/course-of-action.json | 2 +- schemas/sdos/grouping.json | 2 +- schemas/sdos/identity.json | 2 +- schemas/sdos/incident.json | 2 +- schemas/sdos/indicator.json | 2 +- schemas/sdos/infrastructure.json | 2 +- schemas/sdos/intrusion-set.json | 2 +- schemas/sdos/location.json | 2 +- schemas/sdos/malware-analysis.json | 2 +- schemas/sdos/malware.json | 2 +- schemas/sdos/note.json | 2 +- schemas/sdos/observed-data.json | 2 +- schemas/sdos/opinion.json | 2 +- schemas/sdos/report.json | 2 +- schemas/sdos/threat-actor.json | 2 +- schemas/sdos/tool.json | 2 +- schemas/sdos/vulnerability.json | 2 +- schemas/sros/relationship.json | 2 +- 55 files changed, 55 insertions(+), 55 deletions(-) diff --git a/schemas/common/binary.json b/schemas/common/binary.json index 254f0d8..21177bc 100644 --- a/schemas/common/binary.json +++ b/schemas/common/binary.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/binary.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "binary", "description": "The ​binary data type represents a sequence of bytes. In order to allow pattern matching on custom objects, for all properties that use the binary type, the property name MUST end with '_bin'. The JSON MTI serialization represents this as a base64-­encoded string as specified in RFC4648​. Other serializations SHOULD use a native binary type, if available.", "type": "string", diff --git a/schemas/common/bundle.json b/schemas/common/bundle.json index 847d61d..d016cfd 100644 --- a/schemas/common/bundle.json +++ b/schemas/common/bundle.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/bundle.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "bundle", "description": "A Bundle is a collection of arbitrary STIX Objects and Marking Definitions grouped together in a single container.", "type": "object", diff --git a/schemas/common/cyber-observable-core.json b/schemas/common/cyber-observable-core.json index 969d98c..4114b94 100644 --- a/schemas/common/cyber-observable-core.json +++ b/schemas/common/cyber-observable-core.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/cyber-observable-core.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "cyber-observable-core", "description": "Common properties and behavior across all Cyber Observable Objects.", "type": "object", diff --git a/schemas/common/dictionary.json b/schemas/common/dictionary.json index 3a26493..530d464 100644 --- a/schemas/common/dictionary.json +++ b/schemas/common/dictionary.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/dictionary.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "dictionary", "description": "A dictionary captures a set of key/value pairs", "type": "object", diff --git a/schemas/common/extension-definition.json b/schemas/common/extension-definition.json index 060b870..1dccf88 100644 --- a/schemas/common/extension-definition.json +++ b/schemas/common/extension-definition.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/extension-definition.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "extension-definition", "description": "The STIX Extension Definition object allows producers of threat intelligence to extend existing STIX objects or to create entirely new STIX objects in a standardized way.", "type": "object", diff --git a/schemas/common/extension.json b/schemas/common/extension.json index ffd8a08..f483c3e 100644 --- a/schemas/common/extension.json +++ b/schemas/common/extension.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/extension.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "type": "object", "minProperties": 1, "properties": { diff --git a/schemas/common/external-reference.json b/schemas/common/external-reference.json index 632e3ad..3b0abe3 100644 --- a/schemas/common/external-reference.json +++ b/schemas/common/external-reference.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/external-reference.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "external-reference", "description": "External references are used to describe pointers to information represented outside of STIX.", "type": "object", diff --git a/schemas/common/granular-marking.json b/schemas/common/granular-marking.json index c5f664a..56332c8 100644 --- a/schemas/common/granular-marking.json +++ b/schemas/common/granular-marking.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/granular-marking.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "granular-marking", "description": "The granular-marking type defines how the list of marking-definition objects referenced by the marking_refs property to apply to a set of content identified by the list of selectors in the selectors property.", "type": "object", diff --git a/schemas/common/hashes-type.json b/schemas/common/hashes-type.json index 7ee62ed..5af86a9 100644 --- a/schemas/common/hashes-type.json +++ b/schemas/common/hashes-type.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/hashes-type.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "hashes", "description": "The Hashes type represents one or more cryptographic hashes, as a special set of key/value pairs", "type": "object", diff --git a/schemas/common/hex.json b/schemas/common/hex.json index 0f257e0..ea34c1b 100644 --- a/schemas/common/hex.json +++ b/schemas/common/hex.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/hex.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "hex", "description": "The hex data type encodes an array of octets (8-bit bytes) as hexadecimal. The string MUST consist of an even number of hexadecimal characters, which are the digits '0' through '9' and the letters 'a' through 'f'. In order to allow pattern matching on custom objects, all properties that use the hex type, the property name MUST end with '_hex'.", "type": "string", diff --git a/schemas/common/identifier.json b/schemas/common/identifier.json index 923b723..4e9c9fc 100644 --- a/schemas/common/identifier.json +++ b/schemas/common/identifier.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/identifier.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "identifier", "description": "Represents identifiers across the CTI specifications. The format consists of the name of the top-level object being identified, followed by two dashes (--), followed by a UUIDv4.", "type": "string", diff --git a/schemas/common/kill-chain-phase.json b/schemas/common/kill-chain-phase.json index d437b03..9bb6f7f 100644 --- a/schemas/common/kill-chain-phase.json +++ b/schemas/common/kill-chain-phase.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/kill-chain-phase.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "kill-chain-phase", "description": "The kill-chain-phase represents a phase in a kill chain.", "type": "object", diff --git a/schemas/common/language-content.json b/schemas/common/language-content.json index 170e05f..aae1733 100644 --- a/schemas/common/language-content.json +++ b/schemas/common/language-content.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/language-content.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "language-content", "description": "The language-content object represents text content for STIX Objects represented in languages other than that of the original object.", "type": "object", diff --git a/schemas/common/marking-definition.json b/schemas/common/marking-definition.json index 7abd4a7..32fa703 100644 --- a/schemas/common/marking-definition.json +++ b/schemas/common/marking-definition.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/marking-definition.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "marking-definition", "description": "The marking-definition object represents a specific marking.", "type": "object", diff --git a/schemas/common/properties.json b/schemas/common/properties.json index 510ca2e..210bfd7 100644 --- a/schemas/common/properties.json +++ b/schemas/common/properties.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/properties.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "properties", "description": "Rules for custom properties", "patternProperties": { diff --git a/schemas/common/timestamp.json b/schemas/common/timestamp.json index 555b6ef..82c697a 100644 --- a/schemas/common/timestamp.json +++ b/schemas/common/timestamp.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/timestamp.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "timestamp", "description": "Represents timestamps across the CTI specifications. The format is an RFC3339 timestamp, with a required timezone specification of 'Z'.", "type": "string", diff --git a/schemas/common/url-regex.json b/schemas/common/url-regex.json index 4c69a34..a7a96ab 100644 --- a/schemas/common/url-regex.json +++ b/schemas/common/url-regex.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/url-regex.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "url-regex", "description": "Matches a URI according to RFC 3986.", "type": "string", diff --git a/schemas/observables/artifact.json b/schemas/observables/artifact.json index 84bf512..d215123 100644 --- a/schemas/observables/artifact.json +++ b/schemas/observables/artifact.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/artifact.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "artifact", "description": "The Artifact Object permits capturing an array of bytes (8-bits), as a base64-encoded string string, or linking to a file-like payload.", "type": "object", diff --git a/schemas/observables/autonomous-system.json b/schemas/observables/autonomous-system.json index 3279630..b138c2c 100644 --- a/schemas/observables/autonomous-system.json +++ b/schemas/observables/autonomous-system.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/autonomous-system.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "autonomous-system", "description": "The AS object represents the properties of an Autonomous Systems (AS).", "type": "object", diff --git a/schemas/observables/directory.json b/schemas/observables/directory.json index 955171b..e5c85c9 100644 --- a/schemas/observables/directory.json +++ b/schemas/observables/directory.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/directory.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "directory", "description": "The Directory Object represents the properties common to a file system directory.", "type": "object", diff --git a/schemas/observables/domain-name.json b/schemas/observables/domain-name.json index 39de662..22804a5 100644 --- a/schemas/observables/domain-name.json +++ b/schemas/observables/domain-name.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/domain-name.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "domain-name", "description": "The Domain Name represents the properties of a network domain name.", "type": "object", diff --git a/schemas/observables/email-addr.json b/schemas/observables/email-addr.json index 0bba9ff..c3894d2 100644 --- a/schemas/observables/email-addr.json +++ b/schemas/observables/email-addr.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/email-addr.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "email-addr", "description": "The Email Address Object represents a single email address.", "type": "object", diff --git a/schemas/observables/email-message.json b/schemas/observables/email-message.json index e07bdc7..b00d958 100644 --- a/schemas/observables/email-message.json +++ b/schemas/observables/email-message.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/email-message.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "email-message", "description": "The Email Message Object represents an instance of an email message.", "type": "object", diff --git a/schemas/observables/file.json b/schemas/observables/file.json index 31cfc71..b7af12e 100644 --- a/schemas/observables/file.json +++ b/schemas/observables/file.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/file.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "file", "description": "The File Object represents the properties of a file.", "type": "object", diff --git a/schemas/observables/ipv4-addr.json b/schemas/observables/ipv4-addr.json index 9b2c068..4c4e983 100644 --- a/schemas/observables/ipv4-addr.json +++ b/schemas/observables/ipv4-addr.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/ipv4-addr.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "ipv4-addr", "description": "The IPv4 Address Object represents one or more IPv4 addresses expressed using CIDR notation.", "type": "object", diff --git a/schemas/observables/ipv6-addr.json b/schemas/observables/ipv6-addr.json index 48ccf5e..e79dc36 100644 --- a/schemas/observables/ipv6-addr.json +++ b/schemas/observables/ipv6-addr.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/ipv6-addr.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "ipv6-addr", "description": "The IPv6 Address Object represents one or more IPv6 addresses expressed using CIDR notation.", "type": "object", diff --git a/schemas/observables/mac-addr.json b/schemas/observables/mac-addr.json index 03480f3..eb12e87 100644 --- a/schemas/observables/mac-addr.json +++ b/schemas/observables/mac-addr.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/mac-addr.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "mac-addr", "description": "The MAC Address Object represents a single Media Access Control (MAC) address.", "type": "object", diff --git a/schemas/observables/mutex.json b/schemas/observables/mutex.json index 2d8ad28..ab3c725 100644 --- a/schemas/observables/mutex.json +++ b/schemas/observables/mutex.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/mutex.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "mutex", "description": "The Mutex Object represents the properties of a mutual exclusion (mutex) object.", "type": "object", diff --git a/schemas/observables/network-traffic.json b/schemas/observables/network-traffic.json index 86cba60..0b70d7d 100644 --- a/schemas/observables/network-traffic.json +++ b/schemas/observables/network-traffic.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/network-traffic.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "network-traffic", "description": "The Network Traffic Object represents arbitrary network traffic that originates from a source and is addressed to a destination.", "type": "object", diff --git a/schemas/observables/process.json b/schemas/observables/process.json index 2dcfd57..215d0e7 100644 --- a/schemas/observables/process.json +++ b/schemas/observables/process.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/process.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "process", "description": "The Process Object represents common properties of an instance of a computer program as executed on an operating system.", "type": "object", diff --git a/schemas/observables/software.json b/schemas/observables/software.json index fd10dc4..636cbcb 100644 --- a/schemas/observables/software.json +++ b/schemas/observables/software.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/software.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "software", "description": "The Software Object represents high-level properties associated with software, including software products.", "type": "object", diff --git a/schemas/observables/url.json b/schemas/observables/url.json index 5072276..a26e870 100644 --- a/schemas/observables/url.json +++ b/schemas/observables/url.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/url.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "url", "description": "The URL Object represents the properties of a uniform resource locator (URL).", "type": "object", diff --git a/schemas/observables/user-account.json b/schemas/observables/user-account.json index 7d374e9..a66e42a 100644 --- a/schemas/observables/user-account.json +++ b/schemas/observables/user-account.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/user-account.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "user-account", "description": "The User Account Object represents an instance of any type of user account, including but not limited to operating system, device, messaging service, and social media platform accounts.", "type": "object", diff --git a/schemas/observables/windows-registry-key.json b/schemas/observables/windows-registry-key.json index 8634e11..a6a891b 100644 --- a/schemas/observables/windows-registry-key.json +++ b/schemas/observables/windows-registry-key.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/windows-registry-key.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "windows-registry-key", "description": "The Registry Key Object represents the properties of a Windows registry key.", "type": "object", diff --git a/schemas/observables/x509-certificate.json b/schemas/observables/x509-certificate.json index 66bbd53..0ca0284 100644 --- a/schemas/observables/x509-certificate.json +++ b/schemas/observables/x509-certificate.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/x509-certificate.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "x509-certificate", "description": "The X509 Certificate Object represents the properties of an X.509 certificate.", "type": "object", diff --git a/schemas/sdos/attack-pattern.json b/schemas/sdos/attack-pattern.json index e2c27d6..e8bc659 100644 --- a/schemas/sdos/attack-pattern.json +++ b/schemas/sdos/attack-pattern.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/attack-pattern.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "attack-pattern", "description": "Attack Patterns are a type of TTP that describe ways that adversaries attempt to compromise targets. ", "type": "object", diff --git a/schemas/sdos/campaign.json b/schemas/sdos/campaign.json index 07cac45..d5d652d 100644 --- a/schemas/sdos/campaign.json +++ b/schemas/sdos/campaign.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/campaign.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "campaign", "description": "A Campaign is a grouping of adversary behavior that describes a set of malicious activities or attacks that occur over a period of time against a specific set of targets.", "type": "object", diff --git a/schemas/sdos/course-of-action.json b/schemas/sdos/course-of-action.json index 742ae66..30bae88 100644 --- a/schemas/sdos/course-of-action.json +++ b/schemas/sdos/course-of-action.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/course-of-action.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "course-of-action", "description": "A Course of Action is an action taken either to prevent an attack or to respond to an attack that is in progress. ", "type": "object", diff --git a/schemas/sdos/grouping.json b/schemas/sdos/grouping.json index 3d12dd2..1aae14f 100644 --- a/schemas/sdos/grouping.json +++ b/schemas/sdos/grouping.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/grouping.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "grouping", "description": "A Grouping object explicitly asserts that the referenced STIX Objects have a shared content.", "type": "object", diff --git a/schemas/sdos/identity.json b/schemas/sdos/identity.json index 26b1895..1da402f 100644 --- a/schemas/sdos/identity.json +++ b/schemas/sdos/identity.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/identity.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "identity", "description": "Identities can represent actual individuals, organizations, or groups (e.g., ACME, Inc.) as well as classes of individuals, organizations, or groups.", "type": "object", diff --git a/schemas/sdos/incident.json b/schemas/sdos/incident.json index 772d3e8..08805f4 100644 --- a/schemas/sdos/incident.json +++ b/schemas/sdos/incident.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/incident.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "incident", "description": "The Incident object in STIX 2.1 is a stub, to be expanded in future STIX 2 releases.", "type": "object", diff --git a/schemas/sdos/indicator.json b/schemas/sdos/indicator.json index 23f32aa..a19a60f 100644 --- a/schemas/sdos/indicator.json +++ b/schemas/sdos/indicator.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/indicator.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "indicator", "description": "Indicators contain a pattern that can be used to detect suspicious or malicious cyber activity.", "type": "object", diff --git a/schemas/sdos/infrastructure.json b/schemas/sdos/infrastructure.json index 90a5687..7f06973 100644 --- a/schemas/sdos/infrastructure.json +++ b/schemas/sdos/infrastructure.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/infrastructure.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "infrastructure", "description": "Infrastructure objects describe systems, software services, and associated physical or virtual resources.", "type": "object", diff --git a/schemas/sdos/intrusion-set.json b/schemas/sdos/intrusion-set.json index 4e9b53b..db99276 100644 --- a/schemas/sdos/intrusion-set.json +++ b/schemas/sdos/intrusion-set.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/intrusion-set.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "intrusion-set", "description": "An Intrusion Set is a grouped set of adversary behavior and resources with common properties that is believed to be orchestrated by a single organization.", "type": "object", diff --git a/schemas/sdos/location.json b/schemas/sdos/location.json index 0aa981b..7675dc1 100644 --- a/schemas/sdos/location.json +++ b/schemas/sdos/location.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/location.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "location", "description": "A Location represents a geographic location. The location may be described as any, some or all of the following: region (e.g., North America), civic address (e.g. New York, US), latitude and longitude.", "type": "object", diff --git a/schemas/sdos/malware-analysis.json b/schemas/sdos/malware-analysis.json index e12dd32..90ead7b 100644 --- a/schemas/sdos/malware-analysis.json +++ b/schemas/sdos/malware-analysis.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/malware-analysis.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "malware-analysis", "description": "Malware Analysis captures the metadata and results of a particular analysis performed (static or dynamic) on the malware instance or family.", "type": "object", diff --git a/schemas/sdos/malware.json b/schemas/sdos/malware.json index aaa7f33..d4267b5 100644 --- a/schemas/sdos/malware.json +++ b/schemas/sdos/malware.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/malware.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "malware", "description": "Malware is a type of TTP that is also known as malicious code and malicious software, refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system (OS) or of otherwise annoying or disrupting the victim.", "type": "object", diff --git a/schemas/sdos/note.json b/schemas/sdos/note.json index 1ae4dba..12490b6 100644 --- a/schemas/sdos/note.json +++ b/schemas/sdos/note.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/note.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "note", "description": "A Note is a comment or note containing informative text to help explain the context of one or more STIX Objects (SDOs or SROs) or to provide additional analysis that is not contained in the original object.", "type": "object", diff --git a/schemas/sdos/observed-data.json b/schemas/sdos/observed-data.json index 7c702e6..6fa2c71 100644 --- a/schemas/sdos/observed-data.json +++ b/schemas/sdos/observed-data.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/observed-data.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "observed-data", "description": "Observed data conveys information that was observed on systems and networks, such as log data or network traffic, using the Cyber Observable specification.", "type": "object", diff --git a/schemas/sdos/opinion.json b/schemas/sdos/opinion.json index 04b62f6..a28aaa4 100644 --- a/schemas/sdos/opinion.json +++ b/schemas/sdos/opinion.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/opinion.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "opinion", "description": "An Opinion is an assessment of the correctness of the information in a STIX Object produced by a different entity and captures the level of agreement or disagreement using a fixed scale.", "type": "object", diff --git a/schemas/sdos/report.json b/schemas/sdos/report.json index dab1592..448d97f 100644 --- a/schemas/sdos/report.json +++ b/schemas/sdos/report.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/report.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "report", "description": "Reports are collections of threat intelligence focused on one or more topics, such as a description of a threat actor, malware, or attack technique, including context and related details.", "type": "object", diff --git a/schemas/sdos/threat-actor.json b/schemas/sdos/threat-actor.json index 9206b7b..fc9bd87 100644 --- a/schemas/sdos/threat-actor.json +++ b/schemas/sdos/threat-actor.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/threat-actor.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "threat-actor", "description": "Threat Actors are actual individuals, groups, or organizations believed to be operating with malicious intent.", "type": "object", diff --git a/schemas/sdos/tool.json b/schemas/sdos/tool.json index 7af850e..cc47dee 100644 --- a/schemas/sdos/tool.json +++ b/schemas/sdos/tool.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/tool.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "tool", "description": "Tools are legitimate software that can be used by threat actors to perform attacks.", "type": "object", diff --git a/schemas/sdos/vulnerability.json b/schemas/sdos/vulnerability.json index 06be3ac..40838e8 100644 --- a/schemas/sdos/vulnerability.json +++ b/schemas/sdos/vulnerability.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/vulnerability.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "vulnerability", "description": "A Vulnerability is a mistake in software that can be directly used by a hacker to gain access to a system or network.", "type": "object", diff --git a/schemas/sros/relationship.json b/schemas/sros/relationship.json index ad9faa5..2957c5a 100644 --- a/schemas/sros/relationship.json +++ b/schemas/sros/relationship.json @@ -1,6 +1,6 @@ { "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sros/relationship.json", - "$schema": "http://json-schema.org/draft/2020-12/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "relationship", "description": "The Relationship object is used to link together two SDOs in order to describe how they are related to each other.", "type": "object",