OASIS Mailing List Archives

cti-users message

Subject: Re: [cti-users] Publication of another threat intelligence standard: Open Threat Partner eXchange (OpenTPX)


On 21.10.2015 10:17:03, Grobauer, Bernd wrote:
> 
> I found this news item (from yesterday) about a new Open Source
> effort on TI standardization and thought it might be of interest to
> the group:
> 
> 

Good eye, Bernd, thanks for sharing!

My initial reaction was this [0]. But having reviewed the OpenTPX
introduction [1], I see some things that I quite like and from which
we might draw inspiration for the pending CTI standards major
revisions, namely: 

  * nifty query language
  * lightweight extensibility mechanism a la OpenIOC 1.1's Parameters
    notion
  * how they score observables and allow for aging the scores over
    time (cf. score_24hr_decay_i, page 16 in [1])

[0]: http://imgs.xkcd.com/comics/standards.png
[1]: https://www.opentpx.org/docs/openTPX-introduction.pdf

-- 
Cheers,
Trey
--
Trey Darley
Senior Security Engineer
4DAA 0A88 34BC 27C9 FD2B  A97E D3C6 5C74 0FB7 E430
Soltra | An FS-ISAC & DTCC Company
www.soltra.com
--
"One size never fits all." --RFC 1925
