[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: STIX Incident Meeting Slides
I attached the slides that were presented at the working session today. Based on the discussions today the following were concluded: 1. Impacts will be split into their own extension. I will present a proposal on this next week for the group to review. 2. Activities should be split from Incident as was initially proposed, but as a group we need to decide a name for these. Regardless of what we call them it is important that they be distinct from Courses of Action for defenders while allowing capturing of attacker, defender, and other types of actions / events / activities. Options brought up include: a. Incident Activity b. Activity c. Event d. Action //SIGNED// Jeffrey Mates, Civ DC3/TSD Computer Scientist Technical Solutions Development jeffrey.mates@us.af.mil 410-694-4335
Attachment:
STIX Incident Paths Forward.pdf
Description: Adobe PDF document
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]