An analysis method tool.
The use of registered CPE values is preferred and can be looked up at "https://nvd.nist.gov/products/cpe/search"
or offline using the regularly updated dictionaries published at "https://nvd.nist.gov/products/cpe".
The use of unregistered CPE values should use "Other:" should be followed by a value
in the form of a CPE name,
and it should result in submitting a new value for inclusion in the official dictionary,
according to the process described at "https://cpe.mitre.org/dictionary/".
The use of the manual analysis method (ie. "ManualAnalysis") can be combined with
names of tools used by the analyst.
(e.g., to indicate that the AnalysisToolResultDescription and KnownMalicious values
are
derived from human analysis aided by a reverse engineering tool one might include
both
"ManualAnalysis" and "Ghidra").
<xs:element name="AnalysisMethodTool" type="dhzm:AnalysisMethodToolType"><xs:annotation><xs:documentation xml:lang="en"><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">An analysis method tool. The use of registered CPE values is preferred and can be looked up at "https://nvd.nist.gov/products/cpe/search" or offline using the regularly updated dictionaries published at "https://nvd.nist.gov/products/cpe". The use of unregistered CPE values should use "Other:" should be followed by a value in the form of a CPE name, and it should result in submitting a new value for inclusion in the official dictionary, according to the process described at "https://cpe.mitre.org/dictionary/". The use of the manual analysis method (ie. "ManualAnalysis") can be combined with names of tools used by the analyst. (e.g., to indicate that the AnalysisToolResultDescription and KnownMalicious values are derived from human analysis aided by a reverse engineering tool one might include both "ManualAnalysis" and "Ghidra").</p></xs:documentation></xs:annotation></xs:element>
Schema location
DHZM.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
This document has been approved for Public Release by the Office of the Director of National Intelligence. See Distribution Notice for details.
Click Here