Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Marking values order: change TLP:AMBER+STRICT to be hierarchically greater than TLP:AMBER #9450

Open
romain-filigran opened this issue Dec 23, 2024 · 2 comments
Open

Marking values order: change TLP:AMBER+STRICT to be hierarchically greater than TLP:AMBER #9450

romain-filigran opened this issue Dec 23, 2024 · 2 comments
Assignees
@aHenryJard @CelineSebe
Labels
bug use for describing something not working as expected

Comments

@romain-filigran
Copy link
Member

Description

It seems more logic to differentiate the order between TLP:AMBER and TLP:AMBER+STRICT has the scope is more restricted in TLP:AMBER+STRICT definition.
TLP:AMBER+STRICT should be hierarchically superior to TLP:AMBER

Environment

  1. OpenCTI version: 6.4.5
@romain-filigran romain-filigran added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Dec 23, 2024
@nino-filigran nino-filigran removed the needs triage use to identify issue needing triage from Filigran Product team label Jan 2, 2025
@aHenryJard
Copy link
Member

you means on first platform start ? Like this =>
TLP:AMBER => order = 3
TLP:AMBER+STRICT => order = 4
TLP:RED => order = 5

Because after that users can change the marking order in security > Marking definition

@aHenryJard
Copy link
Member

implementation note: initialization of marking is here

opencti/opencti-platform/opencti-graphql/src/database/data-initialization.js

Lines 137 to 195 in 8a66e8b

const createMarkingDefinitions = async (context) => {
// Create marking defs for TLP
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'TLP',
definition: 'TLP:CLEAR',
x_opencti_color: '#ffffff',
x_opencti_order: 1,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'TLP',
definition: 'TLP:GREEN',
x_opencti_color: '#2e7d32',
x_opencti_order: 2,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'TLP',
definition: 'TLP:AMBER',
x_opencti_color: '#d84315',
x_opencti_order: 3,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'TLP',
definition: 'TLP:AMBER+STRICT',
x_opencti_color: '#d84315',
x_opencti_order: 3,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'TLP',
definition: 'TLP:RED',
x_opencti_color: '#c62828',
x_opencti_order: 4,
});
// Creation markings for PAP
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'PAP',
definition: 'PAP:CLEAR',
x_opencti_color: '#ffffff',
x_opencti_order: 1,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'PAP',
definition: 'PAP:GREEN',
x_opencti_color: '#2e7d32',
x_opencti_order: 2,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'PAP',
definition: 'PAP:AMBER',
x_opencti_color: '#d84315',
x_opencti_order: 3,
});
await addAllowedMarkingDefinition(context, SYSTEM_USER, {
definition_type: 'PAP',
definition: 'PAP:RED',
x_opencti_color: '#c62828',
x_opencti_order: 4,
});
};

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aHenryJard aHenryJard

@CelineSebe CelineSebe

Labels
bug use for describing something not working as expected
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@aHenryJard @CelineSebe @nino-filigran @romain-filigran