clean up incident examples

extension-definition-specifications/incident-ef7/examples/example_2.1.json

@@ -1,51 +1,51 @@
 {
     "type": "incident",
     "id": "incident--b0e7e6a5-6e2c-4a0b-8d5a-8a5e92a5a5bc",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
-    "determination": "confirmed",
-    "extension_type": "property-extension",
-    "investigation_status": "open",
-    "criticality": 70,
-    "detection_methods": [
-        "automated-tool",
-        "human-review"
-    ],
-    "events": [
-        {
-            "event_ref": "event--9ca38544-c247-45d9-9e33-957ba7c9e119"
-        }
-    ],
-    "impact_refs": [
-        "impact--7a5806e4-0f37-4c48-9a50-7301bff4b195"
-    ],
-    "impacted_entity_counts": {
-        "individual": 100,
-        "employee": 70,
-        "customer-individual": 30
-    },
-    "incident_types": [
-        "hosting-phishing-sites"
-    ],
-    "recoverability": "regular",
-    "scores": [
-        {
-            "incident-score": {
-                "name": "ExampleSystem Automated Exposure Score",
-                "value": 75.5,
-                "description": "The score is calculated based on the severity of the incident and the potential impact on the organization."
-            }
-        }
-    ],
-    "tasks": [
-        {
-            "task_ref": "task--a45aaed9-6504-4f95-982e-78508726eb5a"
-        }
-    ],
+    "name": "incident-2173",
+
     "extensions": {
-        "extension-definition—ef765651-680c-498d-9894-99799f2fa126": {
-            "extension_type": "new-sdo"
+        "extension-definition--ef765651-680c-498d-9894-99799f2fa126": {
+            "extension_type": "property-extension",
+	    "determination": "confirmed",
+	    "investigation_status": "open",
+	    "criticality": 70,
+	    "detection_methods": [
+		"automated-tool",
+		"human-review"
+	    ],
+	    "events": [
+		{
+		    "event_ref": "event--9ca38544-c247-45d9-9e33-957ba7c9e119"
+		}
+	    ],
+	    "impact_refs": [
+		"impact--7a5806e4-0f37-4c48-9a50-7301bff4b195"
+	    ],
+	    "impacted_entity_counts": {
+		"individual": 100,
+		"employee": 70,
+		"customer-individual": 30
+	    },
+	    "incident_types": [
+		"hosting-phishing-sites"
+	    ],
+	    "recoverability": "regular",
+	    "scores": [
+		{
+		    "name": "ExampleSystem Automated Exposure Score",
+		    "value": 75.5,
+		    "description": "The score is calculated based on the severity of the incident and the potential impact on the organization."
+
+		}
+	    ],
+	    "tasks": [
+		{
+		    "task_ref": "task--a45aaed9-6504-4f95-982e-78508726eb5a"
+		}
+	    ]
         }
     }
-}
+}

extension-definition-specifications/incident-ef7/examples/example_2.2.json

@@ -1,17 +1,15 @@
 {
     "type": "event",
     "id": "event--68e1e976-7e3b-4233-8bde-1a5dbb17a9a6",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
     "status": "ongoing",
     "changed_objects": [
         {
-            "state_change": {
-                "state_change_type": "escalation",
-                "initial_ref": "impact--d1e4f6c7-3b1a-4b5c-8a5a-9e7b8a9a5b6c",
-                "result_ref": "impact--c1f2d3e4-5b6c-7a8d-9e0a-1b2c3d4e5f6g"
-            }
+            "state_change_type": "escalation",
+            "initial_ref": "impact--d1e4f6c7-3b1a-4b5c-8a5a-9e7b8a9a5b6c",
+            "result_ref": "impact--c1f2d3e4-5b6c-4a8d-9e0a-1b2c3d4e5f6d"
         }
     ],
     "description": "Phishing attack on company email accounts.",
@@ -29,4 +27,4 @@
             "extension_type": "new-sdo"
         }
     }
-}
+}

extension-definition-specifications/incident-ef7/examples/example_2.3.2.1.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--de425325-5ac8-4f4b-ace7-054301b80863",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
     "impact_category": "availability",
     "criticality": 70,

extension-definition-specifications/incident-ef7/examples/example_2.3.2.2.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--c08d9e5a-ba7e-465c-96d5-659683aa9395",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
     "impact_category": "confidentiality-ext",
     "criticality": 80,
@@ -12,7 +12,7 @@
     "extensions": {
         "confidentiality-ext": {
             "information_type": "customer-data",
-            "loss_type": "unauthorized-disclosure",
+            "loss_type": "confirmed-loss",
             "record_count": 1000
         },
         "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {

extension-definition-specifications/incident-ef7/examples/example_2.3.2.3.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--765719be-0e65-4c40-8024-a7295c90da35",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
     "impact_category": "external-ext",
     "criticality": 60,

extension-definition-specifications/incident-ef7/examples/example_2.3.2.4.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--72047fc7-1b34-4cc2-aea7-61b90cdb832d",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
     "impact_category": "integrity-ext",
     "criticality": 75,
@@ -11,7 +11,7 @@
     "start_time_fidelity": "minute",
     "extensions": {
         "integrity-ext": {
-            "alteration": "unauthorized-modification",
+            "alteration": "full-modification",
             "information_type": "financial-records",
             "record_count": 500
         },

extension-definition-specifications/incident-ef7/examples/example_2.3.2.5.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--562c7b03-3c27-4adf-8580-57ecce6687c8",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.000Z",
+    "modified": "2023-11-22T15:30:00.000Z",
     "spec_version": "2.1",
     "impact_category": "monetary",
     "criticality": 85,

extension-definition-specifications/incident-ef7/examples/example_2.3.2.6.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--738492bd-288b-48c9-ad2a-83230d2dee86",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.123Z",
+    "modified": "2023-11-22T15:30:00.446Z",
     "spec_version": "2.1",
     "impact_category": "physical",
     "criticality": 95,

extension-definition-specifications/incident-ef7/examples/example_2.3.2.7.1.json

@@ -1,8 +1,8 @@
 {
     "type": "impact",
     "id": "impact--ef58b184-e4b8-4f1f-9ac3-f22aff3f9459",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.628Z",
+    "modified": "2023-11-22T15:30:00.845Z",
     "spec_version": "2.1",
     "impact_category": "traceability",
     "criticality": 65,
@@ -11,7 +11,7 @@
     "start_time_fidelity": "minute",
     "extensions": {
         "traceability-ext": {
-            "traceability_impact": "partial"
+            "traceability_impact": "partial-accountability"
         },
         "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {
             "extension_type": "new-sdo"

extension-definition-specifications/incident-ef7/examples/example_2.4.json

@@ -1,17 +1,15 @@
 {
     "type": "task",
     "id": "task--4e1e2a5a-6b3c-4d5e-8f6a-9e7b8a9a5b6c",
-    "created": "2023-11-22T15:30:00Z",
-    "modified": "2023-11-22T15:30:00Z",
+    "created": "2023-11-22T15:30:00.529Z",
+    "modified": "2023-11-22T15:30:00.811Z",
     "spec_version": "2.1",
     "outcome": "successful",
     "changed_objects": [
         {
-            "state_change": {
-                "state_change_type": "mitigated",
-                "initial_ref": "impact--f3e1a6f3-1a95-457a-84a7-887c2d9e5e7c",
-                "result_ref": "impact--c1f2d3e4-5b6c-7a8d-9e0a-1b2c3d4e5f6g"
-            }
+            "state_change_type": "mitigated",
+            "initial_ref": "impact--f3e1a6f3-1a95-457a-84a7-887c2d9e5e7c",
+            "result_ref": "impact--c1f2d3e4-5b6c-4a8d-9e0a-1b2c3d4e5f62"
         }
     ],
     "description": "Mitigated the impact of the phishing attack.",
@@ -29,4 +27,4 @@
             "extension_type": "new-sdo"
         }
     }
-}
+}

extension-definition-specifications/incident-ef7/examples/example_3.5.json

@@ -1,5 +1,5 @@
 {
     "state_change_type": "escalation",
     "initial_ref": "incident--d1e4f6c7-3b1a-4b5c-8a5a-9e7b8a9a5b6c",
-    "result_ref": "incident--c1f2d3e4-5b6c-7a8d-9e0a-1b2c3d4e5f6g"
-}
+    "result_ref": "incident--c1f2d3e4-5b6c-4a8d-9e0a-1b2c3d4e5f62"
+}

extension-definition-specifications/incident-ef7/examples/example_3.6.json

@@ -2,10 +2,10 @@
     "task_ref": "task--4e1e2a5a-6b3c-4d5e-8f6a-9e7b8a9a5b6c",
     "next_steps": [
         {
-            "task_ref": "task--3e2a1f4b-5c6d-7e8f-9a0b-1c2d3e4f5g6h",
+            "task_ref": "task--3e2a1f4b-5c6d-7e8f-9a0b-1c2d3e4f5g6a",
             "condition_type": "required",
             "transition_type": "success"
         }
     ],
     "sequence_start": true
-}
+}

extension-definition-specifications/incident-ef7/examples/example_3.7.json

@@ -1,5 +1,5 @@
 {
     "condition_type": "required",
-    "task_ref": "task--3e2a1f4b-5c6d-7e8f-9a0b-1c2d3e4f5g6h",
+    "task_ref": "task--3e2a1f4b-5c6d-7e8f-9a0b-1c2d3e4f5g6a",
     "transition_type": "success"
-}
+}

extension-definition-specifications/incident-ef7/examples/incident_asset_context.json

@@ -50,7 +50,7 @@
             "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {
                 "extension_type": "new-sdo"
             },
-            "confidentiality": {
+            "confidentiality-ext": {
                 "information_type": "phi",
                 "loss_type": "suspected-loss"
             }
@@ -66,11 +66,12 @@
         "labels": ["overall"],
         "impacted_refs": ["infrastructure--1c69a97c-bcfa-4674-b3a2-bfb8f797b7e5"],
         "extensions": {
-            "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {
-                "extension_type": "new-sdo"
-            },
-            "availability": {
+
+            "availability-ext": {
                 "availability_impact": 50
+            },
+	    "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {
+                "extension_type": "new-sdo"
             }
         }
     },
@@ -213,4 +214,4 @@
         "source_ref": "software--4c907a8b-c842-4dd2-b5b9-da4a421d8626",
         "target_ref": "vulnerability--c8e2c77a-0369-47a3-831e-e851bd634028"
     }
-]
+]

extension-definition-specifications/incident-ef7/examples/incident_expo_1.json

@@ -166,7 +166,7 @@
                 "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {
                     "extension_type": "new-sdo"
                 },
-                "availability": {
+                "availability-ext": {
                     "availability_impact": 90
                 }
             }
@@ -186,7 +186,7 @@
                 "extension-definition--7cc33dd6-f6a1-489b-98ea-522d351d71b9": {
                     "extension_type": "new-sdo"
                 },
-                "availability": {
+                "availability-ext": {
                     "availability_impact": 75
                 }
             }
@@ -372,4 +372,4 @@
             ]
         }
     ]
-}
+}