[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-interoperability] possible work item
Yes. Meantime maybe the Interoperability TC could help somehow identifying and inviting (outreach) some folks from related efforts/projects, while they are more than 2 others, like IODEF, OpenSOC, ... 2015-10-27 15:14 GMT+03:00 Kirillov, Ivan A. <ikirillov@mitre.org>: > Jason Lewis from Looking Glass and perhaps some other OpenTPX folks are on > the list, but I don’t believe there is anyone from Facebook. IMO, given that > we’re working towards creating an OASIS standard, the onus is on them to > come participate in the discussions and share their ideas. > > Regards, > Ivan > > From: <cti-interoperability@lists.oasis-open.org> on behalf of Jerome Athias > Date: Tuesday, October 27, 2015 at 8:07 AM > To: Mark Davidson > Cc: Jason Keirstead, "terry@soltra.com", Bret Jordan, > "cti-interoperability@lists.oasis-open.org" > > Subject: Re: [cti-interoperability] possible work item > > I concur > Btw I would expect to have some representatives of these efforts already on > this mailinglist. ? > Otherwise we should invite them > > On Tuesday, 27 October 2015, Davidson II, Mark S <mdavidson@mitre.org> > wrote: >> >> My personal preference would be to work with them to all use the same >> thing vs. having some form of mapping across them. To me, this means that we >> would need to be open to accepting ideas from e.g., ThreatExchange and >> OpenTPX (Note: I’ve taken a quick look and I think there are good things to >> learn from both). I’ve said this privately to some already: I think >> ThreatExchange, OpenTPX, et al should be treated as allies in solving the >> problem of information sharing. >> >> >> >> Thank you. >> >> -Mark >> >> >> >> From: cti-interoperability@lists.oasis-open.org >> [mailto:cti-interoperability@lists.oasis-open.org] On Behalf Of Jason >> Keirstead >> Sent: Monday, October 26, 2015 4:32 PM >> To: terry@soltra.com >> Cc: athiasjerome@gmail.com; bret.jordan@bluecoat.com; >> cti-interoperability@lists.oasis-open.org; Davidson II, Mark S >> <mdavidson@mitre.org> >> Subject: Re: RE: [cti-interoperability] possible work item >> >> >> >> It might help to get you 50% of the way, but the other 50% is the much >> longer pole. >> >> >> >> - >> Jason Keirstead >> Product Architect, Security Intelligence, IBM Security Systems >> www.ibm.com/security | www.securityintelligence.com >> >> Without data, all you are is just another person with an opinion - Unknown >> >> >> >> >> >> ----- Original message ----- >> From: Terry MacDonald <terry@soltra.com> >> Sent by: <cti-interoperability@lists.oasis-open.org> >> To: "Davidson II, Mark S" <mdavidson@mitre.org>, Jerome Athias >> <athiasjerome@gmail.com>, "Jordan, Bret" <bret.jordan@bluecoat.com> >> Cc: "cti-interoperability@lists.oasis-open.org" >> <cti-interoperability@lists.oasis-open.org> >> Subject: RE: [cti-interoperability] possible work item >> Date: Mon, Oct 26, 2015 1:18 PM >> >> >> As a quick throwaway question – would moving to JSON-LD help us ‘map’ our >> data to OpenTPX or ThreatExchange? My thoughts are that if all three parties >> can agree to use JSON-LD then it becomes VERY easy to translate the data >> from one JSON format to another. >> >> >> >> Cheers >> >> >> >> Terry MacDonald >> >> Senior STIX Subject Matter Expert >> >> SOLTRA | An FS-ISAC and DTCC Company >> >> +61 (407) 203 206 | terry@soltra.com >> >> >> >> >> >> From: cti-interoperability@lists.oasis-open.org >> [mailto:cti-interoperability@lists.oasis-open.org] On Behalf Of Davidson II, >> Mark S >> Sent: Tuesday, 27 October 2015 12:25 AM >> To: Jerome Athias <athiasjerome@gmail.com>; Jordan, Bret >> <bret.jordan@bluecoat.com> >> Cc: cti-interoperability@lists.oasis-open.org >> Subject: RE: [cti-interoperability] possible work item >> >> >> >> (This is really just a somewhat different framing, but I’ll put it in my >> own words) >> >> >> >> I’d like to propose that the interoperability SC maintain awareness of >> related efforts and promote collaboration between the CTI TC and related >> efforts wherever possible. Specifically, I feel that treating e.g., OpenTPX >> and ThreatExchange as friendly will be mutually beneficial. >> >> >> >> I realize this probably pushes the boundary of the term interoperability; >> if it doesn’t fit in the interop SC, maybe it’s just something we take on at >> the TC level. >> >> >> >> Thank you. >> >> -Mark >> >> >> >> From: cti-interoperability@lists.oasis-open.org >> [mailto:cti-interoperability@lists.oasis-open.org] On Behalf Of Jerome >> Athias >> Sent: Friday, October 23, 2015 2:16 PM >> To: Jordan, Bret <bret.jordan@bluecoat.com> >> Cc: cti-interoperability@lists.oasis-open.org >> Subject: Re: [cti-interoperability] possible work item >> >> >> >> Yeah. At the same time they could be easily challenged, because frankly >> speaking (Sean could kick my ass), I don't need a new-cool-fancy format to >> get dshield and malware domains lists integrated in my SIEM. CSV is fine >> >> On Friday, 23 October 2015, Jordan, Bret <bret.jordan@bluecoat.com> wrote: >> >> One thing I would like to see this group work on is: >> >> >> >> * Outreach... Meaning I would like to have us do outreach to the new >> OpenTPX group and the Facebook ThreatExchange group and see what kind of >> give-n-take would be needed for us to combine efforts. >> >> >> >> From looking at it, I am guessing that each group would need to give a >> little. But I think a unified solution would be greater than the sum of the >> parts. Yes, it will challenge some of the things we have done in STIX, but >> some of the things in OpenTPX and FB ThreatExchange are neat. And we should >> really look in to doing them. >> >> >> >> >> >> Thanks, >> >> >> >> Bret >> >> >> >> >> >> >> >> Bret Jordan CISSP >> >> Director of Security Architecture and Standards | Office of the CTO >> >> Blue Coat Systems >> >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >> >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that >> can not be unscrambled is an egg." >> >> >> >> >> --------------------------------------------------------------------- To >> unsubscribe from this mail list, you must leave the OASIS TC that generates >> this mail. Follow this link to all your TCs in OASIS at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]