├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── LICENSE.md
├── OCA-1.png
├── Presentations
    ├── CASP Summary for IoB July 2023.pdf
    ├── IOB WG Overview for Behavior Bundle Revision 2.pdf
    ├── IOB WG Overview.pdf
    ├── OCA Indicator of Behavior Borderless Cyber 2023.pdf
    ├── OCA_IOB_Technical_Overview.pdf
    ├── Open_Standards_for_2023_ EU_Attack_Workshop.pdf
    └── TIPS_2025_IOB_WORKSHOP
    │   ├── Detections and Correlations
    │       ├── AbnormalExecution_Sigma.yml
    │       ├── NTDScopy_Sigma.yml
    │       ├── PowerView_Sigma.yml
    │       └── SparkRainstormCorr.bpmn
    │   ├── IOB STIX Extensions
    │       ├── x-oca-behavior.json
    │       ├── x-oca-detection.json
    │       └── x-oca-playbook.json
    │   ├── IOB Workshop TIPS.pdf
    │   ├── STIX Modeler Icons
    │       ├── Behavior.png
    │       ├── detection.png
    │       └── playbook.png
    │   ├── SparkRainstorm.json
    │   └── SparkRainstorm_ThreatBulletin.pdf
├── README.md
├── STIX2NEO4J Converter
    ├── LICENSE
    ├── README.md
    ├── STIX2NEO4J.py
    ├── requirements.txt
    └── style.grass
├── apl_reference_implementation_bundle
    ├── Living_Off_The_Land
    │   ├── Living_Off_The_Land.json
    │   ├── Living_off_the_Land_IOB_Bundle_Overview.pdf
    │   └── README.md
    ├── Simple_Network_IOB_Sample
    │   └── Simple_Network_IOB_Sample.json
    ├── revision_0
    │   ├── BehaviorBundle_rev0.json
    │   ├── Overview of Machine Readable Adverary Behavior Object Revision 0.pdf
    │   └── README.md
    ├── revision_1
    │   ├── BehaviorBundle_rev1.json
    │   ├── Overview of Machine Readable Adverary Behavior Object Revision 1.pdf
    │   └── README.md
    ├── revision_2
    │   ├── BehaviorBundle.json
    │   ├── Overview of Machine Readable Adverary Behavior Object Revision 2.pdf
    │   ├── README.md
    │   └── schemas
    │   │   ├── README.md
    │   │   ├── observables
    │   │       ├── extended-network-traffic.json
    │   │       ├── extended-process.json
    │   │       └── extended-windows-registry-key.json
    │   │   └── sdos
    │   │       ├── behavior.json
    │   │       ├── course-of-action.json
    │   │       ├── detection-group.json
    │   │       ├── detection.json
    │   │       ├── detector.json
    │   │       └── playbook.json
    ├── revision_3
    │   ├── BehaviorBundle.json
    │   ├── Overview of Machine Readable Adverary Behavior Object Revision 3.pdf
    │   ├── README.md
    │   └── schemas
    │   │   ├── README.md
    │   │   ├── observables
    │   │       ├── extended-network-traffic.json
    │   │       ├── extended-process.json
    │   │       └── extended-windows-registry-key.json
    │   │   └── sdos
    │   │       ├── x-oca-behavior.json
    │   │       ├── x-oca-coa-playbook-ext.json
    │   │       ├── x-oca-detection.json
    │   │       ├── x-oca-detector.json
    │   │       └── x-oca-playbook.json
    └── revision_4
    │   ├── BehaviorBundle.json
    │   ├── Overview of Machine Readable Adverary Behavior Object Revision 4.pdf
    │   └── README.md
├── charter.md
└── iob_use_cases
    ├── LICENSE
    ├── README.md
    ├── images
        ├── BehaviorBundle_Use_Cases.png
        ├── CreateBundle.png
        ├── Create_Bundle_sequence.png
        ├── CustomizeCorrelations.png
        ├── CustomizeDetections.png
        ├── CustomizeMitigations.png
        ├── Customize_Correlations_sequence.png
        ├── Customize_Detections_sequence.png
        ├── Customize_Mitigations_sequence.png
        ├── FormatBundle.png
        ├── Format_Behavior_Bundle_sequence.png
        ├── OCA-1.png
        ├── ReceiveBundle.png
        ├── Receive_Bundle_sequence.png
        ├── ShareBundle.png
        ├── Share_Bundle_sequence.png
        ├── Simple_BPMN_Guide.png
        ├── UpdateBundle.png
        └── Update_Bundle_sequence.png
    └── use_cases
        ├── Create_Bundle
            ├── CreateBundle.bpmn
            └── README.md
        ├── Customize_Correlations
            ├── CustomizeCorrelations.bpmn
            └── README.md
        ├── Customize_Detections
            ├── CustomizeDetections.bpmn
            └── README.md
        ├── Customize_Mitigations
            ├── CustomizeMitigations.bpmn
            └── README.md
        ├── Format_Bundle
            ├── FormatBundle.bpmn
            └── README.md
        ├── Receive_Bundle
            ├── README.md
            └── ReceiveBundle.bpmn
        ├── Share_Bundle
            ├── README.md
            └── ShareBundle.bpmn
        └── Update_Bundle
            ├── README.md
            └── Update Bundle.bpmn


/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/CODE_OF_CONDUCT.md


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/CONTRIBUTING.md


--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/LICENSE.md


--------------------------------------------------------------------------------
/OCA-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/OCA-1.png


--------------------------------------------------------------------------------
/Presentations/CASP Summary for IoB July 2023.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/CASP Summary for IoB July 2023.pdf


--------------------------------------------------------------------------------
/Presentations/IOB WG Overview for Behavior Bundle Revision 2.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/IOB WG Overview for Behavior Bundle Revision 2.pdf


--------------------------------------------------------------------------------
/Presentations/IOB WG Overview.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/IOB WG Overview.pdf


--------------------------------------------------------------------------------
/Presentations/OCA Indicator of Behavior Borderless Cyber 2023.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/OCA Indicator of Behavior Borderless Cyber 2023.pdf


--------------------------------------------------------------------------------
/Presentations/OCA_IOB_Technical_Overview.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/OCA_IOB_Technical_Overview.pdf


--------------------------------------------------------------------------------
/Presentations/Open_Standards_for_2023_ EU_Attack_Workshop.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/Open_Standards_for_2023_ EU_Attack_Workshop.pdf


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/AbnormalExecution_Sigma.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/AbnormalExecution_Sigma.yml


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/NTDScopy_Sigma.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/NTDScopy_Sigma.yml


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/PowerView_Sigma.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/PowerView_Sigma.yml


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/SparkRainstormCorr.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/Detections and Correlations/SparkRainstormCorr.bpmn


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/IOB STIX Extensions/x-oca-behavior.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/IOB STIX Extensions/x-oca-behavior.json


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/IOB STIX Extensions/x-oca-detection.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/IOB STIX Extensions/x-oca-detection.json


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/IOB STIX Extensions/x-oca-playbook.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/IOB STIX Extensions/x-oca-playbook.json


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/IOB Workshop TIPS.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/IOB Workshop TIPS.pdf


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/STIX Modeler Icons/Behavior.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/STIX Modeler Icons/Behavior.png


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/STIX Modeler Icons/detection.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/STIX Modeler Icons/detection.png


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/STIX Modeler Icons/playbook.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/STIX Modeler Icons/playbook.png


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/SparkRainstorm.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/SparkRainstorm.json


--------------------------------------------------------------------------------
/Presentations/TIPS_2025_IOB_WORKSHOP/SparkRainstorm_ThreatBulletin.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/Presentations/TIPS_2025_IOB_WORKSHOP/SparkRainstorm_ThreatBulletin.pdf


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/README.md


--------------------------------------------------------------------------------
/STIX2NEO4J Converter/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/STIX2NEO4J Converter/LICENSE


--------------------------------------------------------------------------------
/STIX2NEO4J Converter/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/STIX2NEO4J Converter/README.md


--------------------------------------------------------------------------------
/STIX2NEO4J Converter/STIX2NEO4J.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/STIX2NEO4J Converter/STIX2NEO4J.py


--------------------------------------------------------------------------------
/STIX2NEO4J Converter/requirements.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/STIX2NEO4J Converter/requirements.txt


--------------------------------------------------------------------------------
/STIX2NEO4J Converter/style.grass:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/STIX2NEO4J Converter/style.grass


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/Living_Off_The_Land/Living_Off_The_Land.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/Living_Off_The_Land/Living_Off_The_Land.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/Living_Off_The_Land/Living_off_the_Land_IOB_Bundle_Overview.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/Living_Off_The_Land/Living_off_the_Land_IOB_Bundle_Overview.pdf


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/Living_Off_The_Land/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/Living_Off_The_Land/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/Simple_Network_IOB_Sample/Simple_Network_IOB_Sample.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/Simple_Network_IOB_Sample/Simple_Network_IOB_Sample.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_0/BehaviorBundle_rev0.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_0/BehaviorBundle_rev0.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_0/Overview of Machine Readable Adverary Behavior Object Revision 0.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_0/Overview of Machine Readable Adverary Behavior Object Revision 0.pdf


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_0/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_0/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_1/BehaviorBundle_rev1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_1/BehaviorBundle_rev1.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_1/Overview of Machine Readable Adverary Behavior Object Revision 1.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_1/Overview of Machine Readable Adverary Behavior Object Revision 1.pdf


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_1/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_1/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/BehaviorBundle.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/BehaviorBundle.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/Overview of Machine Readable Adverary Behavior Object Revision 2.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/Overview of Machine Readable Adverary Behavior Object Revision 2.pdf


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/observables/extended-network-traffic.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/observables/extended-network-traffic.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/observables/extended-process.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/observables/extended-process.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/observables/extended-windows-registry-key.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/observables/extended-windows-registry-key.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/sdos/behavior.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/sdos/behavior.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/sdos/course-of-action.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/sdos/course-of-action.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/sdos/detection-group.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/sdos/detection-group.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/sdos/detection.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/sdos/detection.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/sdos/detector.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/sdos/detector.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_2/schemas/sdos/playbook.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_2/schemas/sdos/playbook.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/BehaviorBundle.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/BehaviorBundle.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/Overview of Machine Readable Adverary Behavior Object Revision 3.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/Overview of Machine Readable Adverary Behavior Object Revision 3.pdf


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/README.md


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/observables/extended-network-traffic.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/observables/extended-network-traffic.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/observables/extended-process.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/observables/extended-process.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/observables/extended-windows-registry-key.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/observables/extended-windows-registry-key.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-behavior.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-behavior.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-coa-playbook-ext.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-coa-playbook-ext.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-detection.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-detection.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-detector.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-detector.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-playbook.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_3/schemas/sdos/x-oca-playbook.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_4/BehaviorBundle.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_4/BehaviorBundle.json


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_4/Overview of Machine Readable Adverary Behavior Object Revision 4.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_4/Overview of Machine Readable Adverary Behavior Object Revision 4.pdf


--------------------------------------------------------------------------------
/apl_reference_implementation_bundle/revision_4/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/apl_reference_implementation_bundle/revision_4/README.md


--------------------------------------------------------------------------------
/charter.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/charter.md


--------------------------------------------------------------------------------
/iob_use_cases/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/LICENSE


--------------------------------------------------------------------------------
/iob_use_cases/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/README.md


--------------------------------------------------------------------------------
/iob_use_cases/images/BehaviorBundle_Use_Cases.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/BehaviorBundle_Use_Cases.png


--------------------------------------------------------------------------------
/iob_use_cases/images/CreateBundle.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/CreateBundle.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Create_Bundle_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Create_Bundle_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/CustomizeCorrelations.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/CustomizeCorrelations.png


--------------------------------------------------------------------------------
/iob_use_cases/images/CustomizeDetections.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/CustomizeDetections.png


--------------------------------------------------------------------------------
/iob_use_cases/images/CustomizeMitigations.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/CustomizeMitigations.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Customize_Correlations_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Customize_Correlations_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Customize_Detections_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Customize_Detections_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Customize_Mitigations_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Customize_Mitigations_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/FormatBundle.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/FormatBundle.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Format_Behavior_Bundle_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Format_Behavior_Bundle_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/OCA-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/OCA-1.png


--------------------------------------------------------------------------------
/iob_use_cases/images/ReceiveBundle.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/ReceiveBundle.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Receive_Bundle_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Receive_Bundle_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/ShareBundle.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/ShareBundle.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Share_Bundle_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Share_Bundle_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Simple_BPMN_Guide.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Simple_BPMN_Guide.png


--------------------------------------------------------------------------------
/iob_use_cases/images/UpdateBundle.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/UpdateBundle.png


--------------------------------------------------------------------------------
/iob_use_cases/images/Update_Bundle_sequence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/images/Update_Bundle_sequence.png


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Create_Bundle/CreateBundle.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Create_Bundle/CreateBundle.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Create_Bundle/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Create_Bundle/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Customize_Correlations/CustomizeCorrelations.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Customize_Correlations/CustomizeCorrelations.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Customize_Correlations/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Customize_Correlations/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Customize_Detections/CustomizeDetections.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Customize_Detections/CustomizeDetections.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Customize_Detections/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Customize_Detections/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Customize_Mitigations/CustomizeMitigations.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Customize_Mitigations/CustomizeMitigations.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Customize_Mitigations/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Customize_Mitigations/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Format_Bundle/FormatBundle.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Format_Bundle/FormatBundle.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Format_Bundle/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Format_Bundle/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Receive_Bundle/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Receive_Bundle/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Receive_Bundle/ReceiveBundle.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Receive_Bundle/ReceiveBundle.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Share_Bundle/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Share_Bundle/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Share_Bundle/ShareBundle.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Share_Bundle/ShareBundle.bpmn


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Update_Bundle/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Update_Bundle/README.md


--------------------------------------------------------------------------------
/iob_use_cases/use_cases/Update_Bundle/Update Bundle.bpmn:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/opencybersecurityalliance/oca-iob/HEAD/iob_use_cases/use_cases/Update_Bundle/Update Bundle.bpmn


--------------------------------------------------------------------------------