Rail 15 Password 36 New â€” Rule The

Implementations have discretion over which parts (components, properties, extensions, controlled vocabularies, etc.) of CybOX they implement (e.g., Observable/Object).

[1] Conformant implementations must conform to all normative structural specifications of the UML model or additional normative statements within this document that apply to the portions of CybOX they implement (e.g., implementers of the entire Observable class must conform to all normative structural specifications of the UML model regarding the Observable class or additional normative statements contained in the document that describes the Observable class).

[2] Conformant implementations are free to ignore normative structural specifications of the UML model or additional normative statements within this document that do not apply to the portions of CybOX they implement (e.g., non-implementers of any particular properties of the Observable class are free to ignore all normative structural specifications of the UML model regarding those properties of the Observable class or additional normative statements contained in the document that describes the Observable class).

The conformance section of this document is intentionally broad and attempts to reiterate what already exists in this document.

Appendix A. Acknowledgments

The following individuals have participated in the creation of this specification and are gratefully acknowledged.

Aetna

David Crawford

AIT Austrian Institute of Technology

Roman Fiedler

Florian Skopik

Australia and New Zealand Banking Group (ANZ Bank)

Dean Thompson

Blue Coat Systems, Inc.

Owen Johnson

Bret Jordan

Century Link

Cory Kennedy

CIRCL

Alexandre Dulaunoy

Andras Iklody

Raphaël Vinot

Citrix Systems

Joey Peloquin

Dell

Will Urbanski

Jeff Williams

DTCC

Dan Brown

Gordon Hundley

Chris Koutras

EMC

Robert Griffin

Jeff Odom

Ravi Sharda

Financial Services Information Sharing and Analysis Center (FS-ISAC)

David Eilken

Chris Ricard

Fortinet Inc.

Gavin Chow

Kenichi Terashita

Fujitsu Limited

Neil Edwards

Frederick Hirsch

Ryusuke Masuoka

Daisuke Murabayashi

Google Inc.

Mark Risher

Hitachi, Ltd.

Kazuo Noguchi

Akihito Sawada

Masato Terada

iboss, Inc.

Paul Martini

Individual

Jerome Athias

Peter Brown

Elysa Jones

Sanjiv Kalkar

Bar Lockwood

Terry MacDonald

Alex Pinto

Intel Corporation

Tim Casey

Kent Landfield

JPMorgan Chase Bank, N.A.

Terrence Driscoll

David Laurance

LookingGlass

Allan Thomson

Lee Vorthman

Mitre Corporation

Greg Back

Jonathan Baker

Sean Barnum

Desiree Beck

Nicole Gong

Jasen Jacobsen

Ivan Kirillov

Richard Piazza

Jon Salwen

Charles Schmidt

Emmanuelle Vargas-Gonzalez

John Wunder

National Council of ISACs (NCI)

Scott Algeier

Denise Anderson

Josh Poster

NEC Corporation

Takahiro Kakumaru

North American Energy Standards Board

David Darnell

Object Management Group

Cory Casanave

Palo Alto Networks

Vishaal Hariprasad

Queralt, Inc.

John Tolbert

Resilient Systems, Inc.

Ted Julian

Securonix

Igor Baikalov

Siemens AG

Bernd Grobauer

Soltra

John Anderson

Aishwarya Asok Kumar

Peter Ayasse

Jeff Beekman

Michael Butt

Cynthia Camacho

Aharon Chernin

Mark Clancy

Brady Cotton

Trey Darley

Mark Davidson

Paul Dion

Daniel Dye

Robert Hutto

Raymond Keckler

Ali Khan

Chris Kiehl

Clayton Long

Michael Pepin

Natalie Suarez

David Waters

Benjamin Yates

Symantec Corp.

Curtis Kostrosky

The Boeing Company

Crystal Hayes

ThreatQuotient, Inc.

Ryan Trost

U.S. Bank

Mark Angel

Brad Butts

Brian Fay

Mona Magathan

Yevgen Sautin

US Department of Defense (DoD)

James Bohling

Eoghan Casey

Gary Katz

Jeffrey Mates

VeriSign

Robert Coderre

Kyle Maxwell

Eric Osterweil

Airbus Group SAS

Joerg Eschweiler

Marcos Orallo

Anomali

Ryan Clough

Wei Huang

Hugh Njemanze

Katie Pelusi

Aaron Shelmire

Jason Trost

Bank of America

Alexander Foley

Center for Internet Security (CIS)

Sarah Kelley

Check Point Software Technologies

Ron Davidson

Cisco Systems

Syam Appala

Ted Bedwell

David McGrew

Pavan Reddy

Omar Santos

Jyoti Verma

Cyber Threat Intelligence Network, Inc. (CTIN)

Doug DePeppe

Jane Ginn

Ben Othman

DHS Office of Cybersecurity and Communications (CS&C)

Richard Struse

Marlon Taylor

EclecticIQ

Marko Dragoljevic

Joep Gommers

Sergey Polzunov

Rutger Prins

Andrei Sîrghi

Raymon van der Velde

eSentire, Inc.

Jacob Gajek

FireEye, Inc.

Phillip Boles

Pavan Gorakav

Anuj Kumar

Shyamal Pandya

Paul Patrick

Scott Shreve

Fox-IT

Sarah Brown

Georgetown University

Eric Burger

Hewlett Packard Enterprise (HPE)

Tomas Sander

IBM

Peter Allor

Eldan Ben-Haim

Sandra Hernandez

Jason Keirstead

John Morris

Laura Rusu

Ron Williams

IID

Chris Richardson

Integrated Networking Technologies, Inc.

Patrick Maroney

Johns Hopkins University Applied Physics Laboratory

Karin Marr

Julie Modlin

Mark Moss

Pamela Smith

Kaiser Permanente

Russell Culpepper

Beth Pumo

Lumeta Corporation

Brandon Hoffman

MTG Management Consultants, LLC.

James Cabral

National Security Agency

Mike Boyle

Jessica Fitzgerald-McKay

New Context Services, Inc.

John-Mark Gurney

Christian Hunt

James Moler

Daniel Riedel

Andrew Storms

OASIS

James Bryce Clark

Robin Cover

Chet Ensign

Open Identity Exchange

Don Thibeau

PhishMe Inc.

Josh Larkins

Raytheon Company-SAS

Daniel Wyschogrod

Retail Cyber Intelligence Sharing Center (R-CISC)

Brian Engle

Semper Fortis Solutions

Joseph Brand

Splunk Inc.

Cedric LeRoux

Brian Luger

Kathy Wang

TELUS

Greg Reaume

Alan Steer

Threat Intelligence Pty Ltd

Tyron Miller

Andrew van der Stock

ThreatConnect, Inc.

Wade Baker

Cole Iliff

Andrew Pendergast

Ben Schmoker

Jason Spies

TruSTAR Technology

Chris Roblee

United Kingdom Cabinet Office

Iain Brown

Adam Cooper

Mike McLellan

Chris O’Brien

James Penman

Howard Staple

Chris Taylor

Laurie Thomson

Alastair Treharne

Julian White

Bethany Yates

US Department of Homeland Security

Evette Maynard-Noel

Justin Stekervetz

ViaSat, Inc.

Lee Chieffalo

Wilson Figueroa

Andrew May

Yaana Technologies, LLC

Anthony Rutkowski

The authors would also like to thank the larger CybOX Community for its input and help in reviewing this document.

Appendix B. Revision History

Revision	Date	Editor	Changes Made
wd01	15 December 2015	Desiree Beck Trey Darley Ivan Kirillov Rich Piazza	Initial transfer to OASIS template

Name	Type	Multiplicity	Description
Description	cyboxCommon: StructuredTextType	0..1	The Description property captures a technical description of the Device Object. Any length is permitted. Optional formatting is supported via the structuring_format property of the StructuredTextType class.
Device_Type	cyboxCommon: StringObjectPropertyType	0..1	The Device_Type property specifies the type of the device.
Manufacturer	cyboxCommon: StringObjectPropertyType	0..1	The Manufacturer property specifies the manufacturer of the device.
Model	cyboxCommon: StringObjectPropertyType	0..1	The Model property specifies the model identifier of the device.
Serial_Number	cyboxCommon: StringObjectPropertyType	0..1	The Serial_Number property specifies the serial number of the Device.
Firmware_Version	cyboxCommon: StringObjectPropertyType	0..1	The Firmware_Version property specifies the version of the firmware running on the device.
System_Details	cyboxCommon: ObjectPropertiesType	0..1	The System_Details property captures the details of the system that may be present on the device. It uses the abstract ObjectPropertiesType which permits the specification of any Object; however, it is strongly recommended that the System Object or one of its subtypes be used in this context.

Rail 15 Password 36 New â€” Rule The

Rail 15 Password 36 New â€” Rule The

3.1 DeviceObjectType Class

Rail 15 Password 36 New â€” Rule The