[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] [cti-users] MTI Binding
While I no longer consider myself a true academic, one thing is for sure, I am not a professional data modeler. Debating the values of OWL or UML is not interesting to me, sorry. What I care about, and the whole reason I started the JSON debate 18+ months ago and have been pushing so hard for JSON, is market adoption. If we do not gain wide spread adoption / get across the chasm and go mainstream then it really does not matter how neat and cool our data model is. Yes there will also be some people / groups that will use it, there are people still using IODEF, OpenIOC, VERIS, CIF, MILE, OTX, etc, but we run the risk of some YACS gaining massive market share and becoming de facto standard. My vision for STIX and TAXII is: 1) One-way of doing things 2) Simple to understand and easy to use a) Reduce the cost of entry for organization to implement, use, and work with STIX and TAXII 3) Very fluid and easy transport of CTI between users, groups, orgs, devices, and products. a) A transports that allows tools to be written that mimic and enhance the workflow of security analysts today 4) Powerful model that can allow very expressive capture of threats Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]