[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: EXT :Re: Initial impressions: OCSF vs. OpenC2 data types
Duncan, We can look at that; Mike is supportive. I was refreshing my NIEM knowledge starting w/Wikipedia, which includes this in the up-front material: NIEM is currently transitioning to an OASIS Open
Project. This initiative will formalize NIEM's designation as an official standard in national and international policy and procurement. The transition is in the early stages with completion anticipated at the end of 2023. I don’t know what’s involved in that transition, but 18 months seems like quite a long time. More reading is required. My first encounter was when I attended a knowledge session about NIEM some years ago and at the time it was being presented as mandatory for use within USG agencies, but I don’t see anything
about that today. The NIEM About page emphasizes “NIEM can save organizations time and money by providing consistent, reusable,
and repeatable data terms, definitions, and processes.” I’ve never actually encountered a project that was (to my knowledge) actually using it. Dave __________________ From: duncan sfractal.com <duncan@sfractal.com>
DaveL, Thank you for your excellent work. Would it be possible to also look at NIEM Cyber Domain at the same time. Although ignorant in this area, my gut is NIEM should get a higher priority than OCSF since NIEM
is now an OASIS project with path to standardization while OCSF is a github project (albeit with some big players supporting) without a clear path to standardization (albeit I hope they become an OASIS project as well). DaveK, Do either OCSF or NIEM lend themselves better to JADN? Would JADN be useful to help with the type of analysis DaveL is doing? -- Duncan Sparrell sFractal Consulting LLC iPhone, iTypo, iApologize I welcome VSRE emails. Learn more at http://vsre.info
[vsre.info]/ From:
openc2@lists.oasis-open.org <openc2@lists.oasis-open.org> on behalf of Lemire, Dave (HII-Mission Technologies)
<david.lemire@hii-tsd.com> At our last TC meeting we spend some time discussing the recently announced Open Cybersecurity Schema Framework (OCSF). Just to get a sense, I started looking at the data types defined in OCSF, viewing them
in their schema browser located at
https://schema.ocsf.io/ [schema.ocsf.io] The data types, specifically, are at
https://schema.ocsf.io/data_types?extensions= I haven’t yet dived into a careful point-by-point comparison, but have some initial observations:
Dave __________________ |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]