DataExfiltrationTacticalObjectivesEnum DNS Tunnel

Hi,

could we consider to update a description in DataExfiltrationTacticalObjectivesEnum
Backward compatibility: no change
Priority: low
Com-Vocabulary
Type: Enhancement

suggested is to better reflect exfiltration mechanisms
example: DNS tunneling

suggested change:

```
<xs:enumeration value="exfiltrate via covert channel">
                <xs:annotation>
                    <xs:documentation>The 'exfiltrate via covert channel' value indicates that the malware instance is able to exfiltrate data using a covert channel.</xs:documentation>
                </xs:annotation>
            </xs:enumeration>
```

```
<xs:enumeration value="exfiltrate via covert channel">
                <xs:annotation>
                    <xs:documentation>The 'exfiltrate via covert channel' value indicates that the malware instance is able to exfiltrate data using a covert channel. (e.g., a DNS tunnel, or NTP)</xs:documentation>
                </xs:annotation>
            </xs:enumeration>
```

PS: that would potentialy add more context to DNSActionNameEnum


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

DataExfiltrationTacticalObjectivesEnum DNS Tunnel #92

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

DataExfiltrationTacticalObjectivesEnum DNS Tunnel #92

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions