Fill Campaign Details
A campaign is a grouping of adversarial behaviors that describes a set of malicious activities or attacks (sometimes called waves) that occur over a period of time against a specific set of targets.
Basic Details
Field Name | Required | Description |
|---|---|---|
Name | Mandatory | Specify the name of the campaign. |
Description | Optional | Specify the additional details and context of the campaign. |
First Seen* | Optional | Specify the date this campaign was first seen. |
Last Seen* | Optional | Specify the date this campaign was last seen. |
Aliases | Optional | Specify any alternate names for this campaign object. |
Objective | Optional | Specify the motive or goal that an intrusion set or a threat actor wants to accomplish using this campaign. |
*For more information about dates, see General FAQs.
Common Fields
Field Name | Description |
|---|---|
Tags | Specify the tags for the campain. |
TLP | Specify the TLP, such as RED, AMBER, GREEN, WHITE, and NONE for the campaign. |
Created by Reference | Specify the entity that created this campaign. |
Revoked | Select this option to mark the component as revoked or invalid. |
Custom Attributes
Field name | Description |
|---|---|
Add Custom Attributes | Specify the additional information that helps in improving the threat intelligence details. CTIX displays custom attributes created in Administration > Custom Entities Management. You can create multiple custom attributes for the vulnerability. |
External References
Use external references to include any non-STIX information that you may want to associate with this object.
Field Name | Description |
|---|---|
Source Name | Enter a source name. |
Description | Enter a description. |
External ID | Enter an external ID. |
URL | Enter the URL of the external reference. |
Hash Type | Select the hash type. |
Hash Value | Enter the hash value. |