[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] STIX 2.1 discussion
My wish list for 2.1:
- Confidence, so that consumers are able to filter out the high confidence intel from the lore confidence (this is the most critical thing we're missing at the moment!)
- Opinion object, so that people can show it they agree or disagree with someone else's assertion.
- Internationalization, which is critical to gain widespread adoption outside of the US.
- incident object, so we can properly show the incidents orgs have responded to.
- IEP integration, including the latest version of IEP in the STIX document as an example.
For STIX 2.2:
- digital signatures
- object level encryption
Cheers
Terry MacDonald
Cosive
The OpenC2 spec is mature enough with a proposal for STIX here complete with the JSON schema and examples. There are reference implementations being built as of now using orchestrators and SDN controllers. I’d be happy to provide an update or answer any questions on behalf of the OpenC2 working group.
Thanks,Jyoti
From: <cti-stix@lists.oasis-open.org> on behalf of "Jordan, Bret" <bret.jordan@bluecoat.com>
Date: Friday, August 19, 2016 at 9:11 AM
To: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org >
Subject: [cti-stix] STIX 2.1 discussion
Even though STIX 2.0 is just leaving the house, I would like to start work on STIX 2.1... Here are some of the things I would like to see us do. Please comment on or add your suggestions....
My Primary Goals for 2.11) Flesh out the Malware object2) Add the Incident object3) Add the Infrastructure object4) Solve the problem of not being able to track when a victim was being targeted.5) Flesh out Course of Action and add support for OpenC2
Stretch Goals 2.1
1) Figure out Confidence2) Figure out a solution for Digital Signatures
My Primary Goals for 2.21) Confidence2) Digital Signatures3) Internationalization
I would also like to propose that we plan to have this done by end of January 2017. That gives us 5 months - 1 month for holiday time off = 4 months of development work.
If we could have this discussion wrapped up before the end of August, and have the roadmap in place for 2.1 and 2.2 that would be great.
Thanks,
Bret
Bret Jordan CISSPDirector of Security Architecture and Standards | Office of the CTOBlue Coat SystemsPGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]