[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-cybox] CybOX Object Selection
I am pretty sure that this specifically was one of DHS targeted use cases in their published intelligence products as well.
I recall one of the sharing communities (don’t recall which one specifically) also bringing up the use case of characterizing compromised X509 certs in Indicators and then wanting to characterize revoking/blocking certs from certain compromised authorities
as structured COAs.
sean
From: <cti-cybox@lists.oasis-open.org> on behalf of Patrick Maroney <Pmaroney@Specere.org>
Date: Tuesday, February 23, 2016 at 3:17 PM To: Steve Cell <ikirillov@mitre.org>, "cti-cybox@lists.oasis-open.org" <cti-cybox@lists.oasis-open.org> Subject: Re: [cti-cybox] CybOX Object Selection Ivan,
Not clear from your comment that this use case is fully represented. The capture and conveyance of malicious/subverted/compromised X509 Certificates is unfortunately a common Use Case/Scenario. Therefore should be part of what we can represent.
Patrick Maroney
Office: (856)983-0001
Cell: (609)841-5104
President
Integrated Networking Technologies, Inc.
PO Box 569
Marlton, NJ 08053
From: <cti-cybox@lists.oasis-open.org> on behalf of Ivan Kirillov <ikirillov@mitre.org>
Date: Tuesday, February 23, 2016 at 1:13 PM To: "cti-cybox@lists.oasis-open.org" <cti-cybox@lists.oasis-open.org> Subject: Re: [cti-cybox] CybOX Object Selection
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]