
Requested updates by CB Lab #19

Closed
wants to merge 2 commits into from

Conversation

mitre-foss-1

Additional FieldMappingTransformation fields were added.

This is the first of a couple of new commits by the CB Lab.

@thomaspatzke
Member

Hi! Unfortunately I must reject the PR for various reasons:

  • The copyright notice that was added in front of the README only mentions MITRE and their authors, not any of the other contributors. Especially Panos Moullotos, who has done a lot of improvements this year, was removed from the active maintainers list.
  • The NOTICE part adds further restrictions to the usage beyond the license with reference to some regulations.
  • README content added in the last months was removed.
  • Instructions were added in the Getting Started section that are environment-specific (Splunk backend, path names) and wrong (installation with pip instead of sigma plugin install, testing by conversion of rules).
  • No changelog is maintained in the README, this is done in Git commits and releases.
  • The CommandLine mapping is a no-op mapping to itself.
  • A mapping for ProcessId already exists. Furthermore, it refers to the wrong fields, as TargetProcessId is the CrowdStrike-specific process identifier, not the one from the OS.
  • A mapping for sha256 already exists. MD5HashData is always zeroed in the events and therefore shouldn't be used.
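The last three review points (a no-op mapping, duplicate keys, and a target field that is always zeroed) are the kind of thing a small lint over the mapping dict catches before a pipeline change is submitted. The following is an added example, not code from this pull request or from the pySigma CrowdStrike pipeline; the existing and proposed mappings and the set of zeroed fields are constructed for illustration, and the dict shape (source field to target field or list of target fields) is the one FieldMappingTransformation accepts.

```python
# Lint proposed Sigma field mappings against the ones a pipeline already has.
# Added example; mappings and the zeroed-field set below are constructed.
from typing import Dict, List, Union

Mapping = Dict[str, Union[str, List[str]]]

# Constructed: mappings assumed to already be in the pipeline.
EXISTING: Mapping = {
    "Image": "ImageFileName",
    "ProcessId": "RawProcessId",
    "sha256": "SHA256HashData",
}

# Constructed: mappings a contributor proposes to add.
PROPOSED: Mapping = {
    "CommandLine": "CommandLine",         # identity mapping, has no effect
    "ProcessId": "TargetProcessId",       # key already mapped
    "sha256": "SHA256HashData",           # duplicate of an existing mapping
    "md5": "MD5HashData",                 # target carries no usable value
    "ParentImage": "ParentBaseFileName",  # clean addition
}

# Constructed: target fields known to be zeroed in the events.
ZEROED_FIELDS = {"MD5HashData"}


def _targets(value: Union[str, List[str]]) -> List[str]:
    """Normalise a mapping value to a list of target field names."""
    return [value] if isinstance(value, str) else list(value)


def lint_mappings(existing: Mapping, proposed: Mapping) -> List[str]:
    """Return one finding per problem; an empty list means the additions are clean."""
    findings: List[str] = []
    for src, value in proposed.items():
        targets = _targets(value)
        if targets == [src]:
            findings.append(f"{src}: identity mapping is a no-op")
        if src in existing:
            findings.append(f"{src}: already mapped to {_targets(existing[src])}")
        for tgt in targets:
            if tgt in ZEROED_FIELDS:
                findings.append(f"{src}: target {tgt} is always zeroed")
    return findings


if __name__ == "__main__":
    for finding in lint_mappings(EXISTING, PROPOSED):
        print(finding)
```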
