Open Source Security Event Taxonomy
As many of you know, we have been working on and using a classification system for security events for some time.
We have published this information before, and other organizations such as OISF (Suricata) and Snort (Sourcefire) are beginning to use our taxonomy to classify security events.
The first version of the classification system has 240 subcategories, based on 20 main categories:
If you are an AlienVault SIEM customer, you know that this is the system we use to classify our own information, so we are waiting for your feedback, comments and improvements.
You can find the whole classification system here