VERIS

1. Victim

1.1. victim.victim_id

1.2. victim.industry

1.3. victim.country

1.4. victim.employee_count

1.5. victim.revenue

1.6. victim.locations_affected

1.7. victim.notes

2. Incident

2.1. Actor

2.1.1. external

2.1.1.1. role

2.1.1.2. motive

2.1.1.3. variety

2.1.1.4. country

2.1.1.5. notes

2.1.2. internal

2.1.2.1. role

2.1.2.2. motive

2.1.2.3. variety

2.1.2.4. notes

2.1.3. partner

2.1.3.1. role

2.1.3.2. motive

2.1.3.3. industry

2.1.3.4. country

2.1.3.5. notes

2.1.4. unknown

2.1.4.1. notes

2.2. Action

2.2.1. malware

2.2.1.1. variety

2.2.1.2. vector

2.2.1.3. cve

2.2.1.4. name

2.2.1.5. notes

2.2.2. hacking

2.2.2.1. variety

2.2.2.2. vector

2.2.2.3. cve

2.2.2.4. notes

2.2.3. social

2.2.3.1. variety

2.2.3.2. vector

2.2.3.3. target

2.2.3.4. notes

2.2.4. misuse

2.2.4.1. variety

2.2.4.2. vector

2.2.4.3. notes

2.2.5. physical

2.2.5.1. variety

2.2.5.2. vector

2.2.5.3. location

2.2.5.4. notes

2.2.6. error

2.2.6.1. variety

2.2.6.2. vector

2.2.6.3. notes

2.2.7. environmental

2.2.7.1. variety

2.2.7.2. notes

2.3. Asset

2.3.1. assets

2.3.1.1. variety

2.3.1.1.1. servers

2.3.1.1.2. network

2.3.1.1.3. user devices

2.3.1.1.4. media

2.3.1.1.5. people

2.3.1.2. amount

2.3.2. personal

2.3.3. managed

2.3.4. hosted

2.3.5. country

2.3.6. cloud

2.3.7. notes

2.4. Attribute

2.4.1. confidentiality

2.4.1.1. data_disclosure

2.4.1.2. data_total

2.4.1.3. data

2.4.1.3.1. variety

2.4.1.3.2. amount

2.4.1.4. state

2.4.1.5. notes

2.4.2. integrity

2.4.2.1. variety

2.4.2.2. notes

2.4.3. availability

2.4.3.1. variety

2.4.3.2. duration

2.4.3.2.1. unit

2.4.3.2.2. value

2.4.3.3. notes

3. Tracking

3.1. incident_id

3.2. source_id

3.3. security_compromise

3.4. summary

3.5. related_incidents

3.6. confidence

3.7. notes

4. Response

5. Impact