[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-cybox] CybOX 3.0: File Object Refactoring
This is likely a good topic for tomorrow’s call. I’d be curious to see how everyone feels about the capture of analytical observations; I feel that Pat brought up a great point, and this is definitely something we want to support in CTI-land. However, the question for us is whether this makes sense in CybOX or not. Also, we’ve just updated the File Object proposal to add the properties around directories [1] and the default file metadata extension [2]. Let us know what you think! [1] https://github.com/CybOXProject/schemas/wiki/CybOX-3.0:-File-Object-Refactoring#filesystemproperties [2] https://github.com/CybOXProject/schemas/wiki/CybOX-3.0:-File-Object-Refactoring#filemetadataextension Regards, Ivan On 12/16/15, 4:00 AM, "Trey Darley" <trey@soltra.com> wrote: >On 15.12.2015 16:52:31, Kirillov, Ivan A. wrote: >> >> IMO, we should leave analytical findings to other places where they >> make more sense (probably STIX), and leave CybOX to “just the >> facts”. >> > >Bingo, +1000! > >-- >Cheers, >Trey >-- >Trey Darley >Senior Security Engineer >4DAA 0A88 34BC 27C9 FD2B A97E D3C6 5C74 0FB7 E430 >Soltra | An FS-ISAC & DTCC Company >www.soltra.com >-- >"With sufficient thrust, pigs fly just fine. However, this is not >necessarily a good idea. It is hard to be sure where they are going to >land, and it could be dangerous sitting under them as they fly >overhead." --RFC 1925
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]