File Coverage

blib/lib/STIX/ThreatActor.pm
Criterion Covered Total %
statement 41 41 100.0
branch n/a
condition n/a
subroutine 14 14 100.0
pod n/a
total 55 55 100.0


line stmt bran cond sub pod time code
1             package STIX::ThreatActor;
2              
3 24     24   528 use 5.010001;
  24         150  
4 24     24   159 use strict;
  24         52  
  24         675  
5 24     24   115 use warnings;
  24         77  
  24         1435  
6 24     24   153 use utf8;
  24         66  
  24         197  
7              
8 24     24   909 use STIX::Common::List;
  24         54  
  24         892  
9 24     24   168 use STIX::Common::OpenVocabulary;
  24         72  
  24         1208  
10 24     24   191 use Types::Standard qw(Str Enum InstanceOf);
  24         108  
  24         342  
11 24     24   110763 use Types::TypeTiny qw(ArrayLike);
  24         69  
  24         220  
12              
13 24     24   14582 use Moo;
  24         67  
  24         218  
14 24     24   11680 use namespace::autoclean;
  24         61  
  24         291  
15              
16             extends 'STIX::Common::Properties';
17              
18 24         3008 use constant SCHEMA =>
19 24     24   2987 'http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/threat-actor.json';
  24         71  
20              
21 24         1964 use constant PROPERTIES => (
22             qw(type spec_version id created modified),
23             qw(created_by_ref revoked labels confidence lang external_references object_marking_refs granular_markings extensions),
24             qw(name description threat_actor_types aliases first_seen last_seen roles goals sophistication resource_level primary_motivation secondary_motivations personal_motivations)
25 24     24   182 );
  24         54  
26              
27 24     24   296 use constant STIX_OBJECT => 'SDO';
  24         67  
  24         1395  
28 24     24   163 use constant STIX_OBJECT_TYPE => 'threat-actor';
  24         74  
  24         13853  
29              
30             has name => (is => 'rw', isa => Str, required => 1);
31             has description => (is => 'rw', isa => Str);
32              
33             has threat_actor_types => (
34             is => 'rw',
35             isa => ArrayLike [Enum [STIX::Common::OpenVocabulary->THREAT_ACTOR_TYPE()]],
36             default => sub { STIX::Common::List->new }
37             );
38              
39             has aliases => (is => 'rw', isa => ArrayLike [Str], default => sub { STIX::Common::List->new });
40              
41             has first_seen => (
42             is => 'rw',
43             isa => InstanceOf ['STIX::Common::Timestamp'],
44             coerce => sub { ref($_[0]) ? $_[0] : STIX::Common::Timestamp->new($_[0]) },
45             );
46              
47             has last_seen => (
48             is => 'rw',
49             isa => InstanceOf ['STIX::Common::Timestamp'],
50             coerce => sub { ref($_[0]) ? $_[0] : STIX::Common::Timestamp->new($_[0]) },
51             );
52              
53             has roles => (
54             is => 'rw',
55             isa => ArrayLike [Enum [STIX::Common::OpenVocabulary->THREAT_ACTOR_ROLE()]],
56             default => sub { STIX::Common::List->new }
57             );
58              
59             has goals => (is => 'rw', isa => ArrayLike [Str], default => sub { STIX::Common::List->new });
60             has sophistication => (is => 'rw', isa => Enum [STIX::Common::OpenVocabulary->THREAT_ACTOR_SOPHISTICATION()]);
61             has resource_level => (is => 'rw', isa => Enum [STIX::Common::OpenVocabulary->ATTACK_RESOURCE_LEVEL()]);
62             has primary_motivation => (is => 'rw', isa => Enum [STIX::Common::OpenVocabulary->ATTACK_MOTIVATION()]);
63              
64             has secondary_motivations => (
65             is => 'rw',
66             isa => ArrayLike [Enum [STIX::Common::OpenVocabulary->ATTACK_MOTIVATION()]],
67             default => sub { STIX::Common::List->new }
68             );
69              
70             has personal_motivations => (
71             is => 'rw',
72             isa => ArrayLike [Enum [STIX::Common::OpenVocabulary->ATTACK_MOTIVATION()]],
73             default => sub { STIX::Common::List->new }
74             );
75              
76             1;
77              
78             =encoding utf-8
79              
80             =head1 NAME
81              
82             STIX::ThreatActor - STIX Domain Object (SDO) - Threat Actor
83              
84             =head1 SYNOPSIS
85              
86             use STIX::ThreatActor;
87              
88             my $threat_actor = STIX::ThreatActor->new();
89              
90              
91             =head1 DESCRIPTION
92              
93             Threat Actors are actual individuals, groups, or organizations believed to
94             be operating with malicious intent.
95              
96              
97             =head2 METHODS
98              
99             L inherits all methods from L
100             and implements the following new ones.
101              
102             =over
103              
104             =item STIX::ThreatActor->new(%properties)
105              
106             Create a new instance of L.
107              
108             =item $threat_actor->aliases
109              
110             A list of other names that this Threat Actor is believed to use.
111              
112             =item $threat_actor->description
113              
114             A description that provides more details and context about the Threat
115             Actor.
116              
117             =item $threat_actor->first_seen
118              
119             The time that this Threat Actor was first seen.
120              
121             =item $threat_actor->goals
122              
123             The high level goals of this Threat Actor, namely, what are they trying to
124             do.
125              
126             =item $threat_actor->id
127              
128             =item $threat_actor->last_seen
129              
130             The time that this Threat Actor was last seen.
131              
132             =item $threat_actor->name
133              
134             A name used to identify this Threat Actor or Threat Actor group.
135              
136             =item $threat_actor->personal_motivations
137              
138             The personal reasons, motivations, or purposes of the Threat Actor
139             regardless of organizational goals. (See C in
140             L)
141              
142             =item $threat_actor->primary_motivation
143              
144             The primary reason, motivation, or purpose behind this Threat Actor. (See
145             C in L)
146              
147             =item $threat_actor->resource_level
148              
149             This defines the organizational level at which this Threat Actor typically
150             works. (See C in L)
151              
152             =item $threat_actor->roles
153              
154             This is a list of roles the Threat Actor plays. (See C
155             in L)
156              
157             =item $threat_actor->secondary_motivations
158              
159             The secondary reasons, motivations, or purposes behind this Threat Actor.
160             (See C in L)
161              
162             =item $threat_actor->sophistication
163              
164             The skill, specific knowledge, special training, or expertise a Threat
165             Actor must have to perform the attack. (See C
166             in L)
167              
168             =item $threat_actor->threat_actor_types
169              
170             This field specifies the type of threat actor. (See C in
171             L)
172              
173             =item $threat_actor->type
174              
175             The type of this object, which MUST be the literal C.
176              
177             =back
178              
179              
180             =head2 HELPERS
181              
182             =over
183              
184             =item $threat_actor->TO_JSON
185              
186             Encode the object in JSON.
187              
188             =item $threat_actor->to_hash
189              
190             Return the object HASH.
191              
192             =item $threat_actor->to_string
193              
194             Encode the object in JSON.
195              
196             =item $threat_actor->validate
197              
198             Validate the object using JSON Schema (see L).
199              
200             =back
201              
202              
203             =head1 SUPPORT
204              
205             =head2 Bugs / Feature Requests
206              
207             Please report any bugs or feature requests through the issue tracker
208             at L.
209             You will be notified automatically of any progress on your issue.
210              
211             =head2 Source Code
212              
213             This is open source software. The code repository is available for
214             public review and contribution under the terms of the license.
215              
216             L
217              
218             git clone https://github.com/giterlizzi/perl-STIX.git
219              
220              
221             =head1 AUTHOR
222              
223             =over 4
224              
225             =item * Giuseppe Di Terlizzi
226              
227             =back
228              
229              
230             =head1 LICENSE AND COPYRIGHT
231              
232             This software is copyright (c) 2024 by Giuseppe Di Terlizzi.
233              
234             This is free software; you can redistribute it and/or modify it under
235             the same terms as the Perl 5 programming language system itself.
236              
237             =cut
238