Merge pull request #1006 from MISP/gallypette-main

Gallypette main
MISP · Jul 24, 2024 · 747a7b4 · 747a7b4
2 parents 284671e + 4de82a7
commit 747a7b4
Show file tree

Hide file tree

Showing 15 changed files with 44,916 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -403,6 +403,54 @@ Category: *sector* - source: *North American Industry Classification System - NA
 
 [[HTML](https://www.misp-galaxy.org/naics)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/naics.json)]
 
+## NICE Competency areas
+
+[NICE Competency areas](https://www.misp-galaxy.org/nice-framework-competency_areas) - Competency areas based on the NIST NICE framework
+
+Category: *workforce* - source: *https://csrc.nist.gov/pubs/sp/800/181/r1/final* - total: *11* elements
+
+[[HTML](https://www.misp-galaxy.org/nice-framework-competency_areas)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/nice-framework-competency_areas.json)]
+
+## NICE Knowledges
+
+[NICE Knowledges](https://www.misp-galaxy.org/nice-framework-knowledges) - Knowledge based on the NIST NICE framework
+
+Category: *workforce* - source: *https://csrc.nist.gov/pubs/sp/800/181/r1/final* - total: *640* elements
+
+[[HTML](https://www.misp-galaxy.org/nice-framework-knowledges)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/nice-framework-knowledges.json)]
+
+## OPM codes in cybersecurity
+
+[OPM codes in cybersecurity](https://www.misp-galaxy.org/nice-framework-opm_codes) - Office of Personnel Management codes in cybersecurity
+
+Category: *workforce* - source: *https://dw.opm.gov/datastandards/referenceData/2273/current* - total: *52* elements
+
+[[HTML](https://www.misp-galaxy.org/nice-framework-opm_codes)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/nice-framework-opm_codes.json)]
+
+## NICE Skills
+
+[NICE Skills](https://www.misp-galaxy.org/nice-framework-skills) - Skills based on the NIST NICE framework
+
+Category: *workforce* - source: *https://csrc.nist.gov/pubs/sp/800/181/r1/final* - total: *556* elements
+
+[[HTML](https://www.misp-galaxy.org/nice-framework-skills)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/nice-framework-skills.json)]
+
+## NICE Tasks
+
+[NICE Tasks](https://www.misp-galaxy.org/nice-framework-tasks) - Tasks based on the NIST NICE framework
+
+Category: *workforce* - source: *https://csrc.nist.gov/pubs/sp/800/181/r1/final* - total: *1084* elements
+
+[[HTML](https://www.misp-galaxy.org/nice-framework-tasks)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/nice-framework-tasks.json)]
+
+## NICE Work Roles
+
+[NICE Work Roles](https://www.misp-galaxy.org/nice-framework-work_roles) - Work roles based on the NIST NICE framework
+
+Category: *workforce* - source: *https://csrc.nist.gov/pubs/sp/800/181/r1/final* - total: *52* elements
+
+[[HTML](https://www.misp-galaxy.org/nice-framework-work_roles)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/nice-framework-work_roles.json)]
+
 ## o365-exchange-techniques
 
 [o365-exchange-techniques](https://www.misp-galaxy.org/o365-exchange-techniques) - o365-exchange-techniques - Office365/Exchange related techniques by @johnLaTwC and @inversecos

diff --git a/clusters/nice-framework-competency_areas.json b/clusters/nice-framework-competency_areas.json
@@ -0,0 +1,81 @@
+{
+  "authors": [
+    "NIST",
+    "Jean-Louis Huynen"
+  ],
+  "category": "workforce",
+  "description": "Competency areas based on the NIST NICE framework",
+  "name": "NICE Competency areas",
+  "source": "https://csrc.nist.gov/pubs/sp/800/181/r1/final",
+  "type": "nice-framework-competency_areas",
+  "uuid": "91696bc7-ede9-4875-8814-768bd5c99c66",
+  "values": [
+    {
+      "description": "This Competency Area describes a learner’s capabilities to improve and maintain the security of Operational Technology (OT) systems while addressing their unique performance, reliability, and safety requirements.",
+      "related": [],
+      "uuid": "b1658e7f-bcfd-5100-a17d-f94c109ca552",
+      "value": "This Competency Area describes a learner’s capabilities to improve and maintain the security of Operational Technology (OT) systems while addressing t - NF-COM-010"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to analyze and control digital and physical risks presented by technology products or services purchased from parties outside your organization.",
+      "related": [],
+      "uuid": "7c89be28-ac79-51ee-b62c-df33c371f613",
+      "value": "This Competency Area describes a learner’s capabilities to analyze and control digital and physical risks presented by technology products or services - NF-COM-011"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to install, administer, troubleshoot, backup, and conduct recovery of Operating Systems (OS), including in simulated environments.",
+      "related": [],
+      "uuid": "c3fb0728-7db4-59e6-b6c0-d1cca586ef6e",
+      "value": "This Competency Area describes a learner’s capabilities to install, administer, troubleshoot, backup, and conduct recovery of Operating Systems (OS),  - NF-COM-009"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capability related to architecting, designing, developing, implementing, and maintaining the trustworthiness of systems that use or are enabled by cyber resources in order to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises that use or are enabled by cyber resources.",
+      "related": [],
+      "uuid": "ddf2e1b8-56d8-5553-ba0e-291dbaff59ae",
+      "value": "This Competency Area describes a learner’s capability related to architecting, designing, developing, implementing, and maintaining the trustworthines - NF-COM-007"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to integrate security as a shared responsibility throughout the development, security, and operations (DevSecOps) life cycle of technologies.",
+      "related": [],
+      "uuid": "f5697a53-c4b7-51e5-84fa-86f6df705fa7",
+      "value": "This Competency Area describes a learner’s capabilities to integrate security as a shared responsibility throughout the development, security, and ope - NF-COM-008"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to secure the transmissions, broadcasting, switching, control, and operation of communications and related network infrastructures.",
+      "related": [],
+      "uuid": "408d10be-0abd-5d1b-b63b-c71e4d0db1a2",
+      "value": "This Competency Area describes a learner’s capabilities to secure the transmissions, broadcasting, switching, control, and operation of communications - NF-COM-005"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to transform data using cryptographic processes to ensure it can only be read by the person who is authorized to access it.",
+      "related": [],
+      "uuid": "116b4db6-2836-5f25-a04d-7eaa679e790f",
+      "value": "This Competency Area describes a learner’s capabilities to transform data using cryptographic processes to ensure it can only be read by the person wh - NF-COM-006"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to conduct and maintain an accurate inventory of all digital assets, to include identifying, developing, operating, maintaining, upgrading, and disposing of assets.",
+      "related": [],
+      "uuid": "f5ad1aef-b82b-5680-9773-28e219c4dd27",
+      "value": "This Competency Area describes a learner’s capabilities to conduct and maintain an accurate inventory of all digital assets, to include identifying, d - NF-COM-003"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to protect cloud data, applications, and infrastructure from internal and external threats.",
+      "related": [],
+      "uuid": "fba7a20e-d646-550b-b413-4e7dd35defeb",
+      "value": "This Competency Area describes a learner’s capabilities to protect cloud data, applications, and infrastructure from internal and external threats. - NF-COM-004"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to define, manage, and monitor the roles and secure access privileges of who is authorized to access protected data and resources and understand the impact of different types of access controls.",
+      "related": [],
+      "uuid": "9af5d9ff-5221-584f-abf3-12cb5bc9df18",
+      "value": "This Competency Area describes a learner’s capabilities to define, manage, and monitor the roles and secure access privileges of who is authorized to  - NF-COM-001"
+    },
+    {
+      "description": "This Competency Area describes a learner’s capabilities to secure Artificial Intelligence (AI) against cyberattacks, to ensure it is adequately contained where it is used, and to mitigate the threat AI presents where it or its users have malicious intent.",
+      "related": [],
+      "uuid": "9f3d059b-73ae-557d-a928-c3ac62f06b8f",
+      "value": "This Competency Area describes a learner’s capabilities to secure Artificial Intelligence (AI) against cyberattacks, to ensure it is adequately contai - NF-COM-002"
+    }
+  ],
+  "version": 1
+}