I am writing to ask for help.
In 2010 I was lead author of the
OPEN FAIRâ - STIXâ INTEGRATION white paper with the expert advice and assistanceÂby Dez Beck of MITRE (and OASIS). It appeared that data produced in conformance with STIX could be used to help inform estimates of Threat Event Frequency (TEF) and Threat Capability (TCap) for a FAIR analysis.
In a conversation with Jane Ginn earlier this month I learned that data in STIX 2.1 and earlier versions is being widely produced and used by the various incident response tools/systems.
Could somebody help me identifying some available data and performing an analysis? Relevant STIX data are those related to Threat Actor: Indicator, Intrusion Set, AttackÂPattern, Malware and Tool.
A possible outcome is the creation of a guide on how to use STIX data to inform a FAIR analysis, helping to build a bridge from responding to incidents to influencing executive investment decisions for security countermeasures.
Thank you for your consideration,
Chris Carlson
Member of the Open Group Security Forum