Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Motivations in ThreatActor could be defined better #332

Open
rpiazza opened this issue Jan 7, 2025 · 1 comment
Open

Motivations in ThreatActor could be defined better #332

rpiazza opened this issue Jan 7, 2025 · 1 comment

Comments

@rpiazza
Copy link
Contributor

rpiazza commented Jan 7, 2025

The Threat Actor SDO has two properties: primary_motivation and secondary_motivations. Both are optional. However, there is no normative language about how they relate to each other. For instance, should you have secondary motivations if you don't populate the primary_motivation property?
@jordan2175
Copy link

I believe the idea was, you may or may not know the primary reason they are doing what they are doing, but you have intel into a bunch of "secondary" reasons for it. Or the primary reason is classified, and you can only share the secondary. But I do admit that it is a bit weird. But people complained when we had just a list of motivations since they said there needs to be a "primary". I know you know this, I am just putting it here for the record.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rpiazza @jordan2175