[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-users] Publication of another threat intelligence standard: Open Threat Partner eXchange (OpenTPX)
On 21.10.2015 10:17:03, Grobauer, Bernd wrote: > > I found this news item (from yesterday) about a new Open Source > effort on TI standardization and thought it might be of interest to > the group: > > Good eye, Bernd, thanks for sharing! My initial reaction was this [0]. But having reviewed the OpenTPX introduction [1], I see some things that I quite like and from which we might draw inspiration for the pending CTI standards major revisions, namely: * nifty query language * lightweight extensibility mechanism a la OpenIOC 1.1's Parameters notion * how they score observables and allow for aging the scores over time (cf. score_24hr_decay_i, page 16 in [1]) [0]: http://imgs.xkcd.com/comics/standards.png [1]: https://www.opentpx.org/docs/openTPX-introduction.pdf -- Cheers, Trey -- Trey Darley Senior Security Engineer 4DAA 0A88 34BC 27C9 FD2B A97E D3C6 5C74 0FB7 E430 Soltra | An FS-ISAC & DTCC Company www.soltra.com -- "One size never fits all." --RFC 1925
Attachment:
signature.asc
Description: PGP signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]