[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-users] Publication of another threat intelligence standard: Open Threat Partner eXchange (OpenTPX)
Copying this trail from CTI-Users to the STIX and TAXII SC lists. I know it is somewhat pie in the sky, but what I would really like people to considet when talkkng about CybOX 2.0 and QUERY 2.0, would be a query language that was the same as the language observables were defined in. Today those things are very different (CybOX and ?), when really there is no reason it should be this way. It would certainly make things simpler for newcomers, if in my STIX document I could define an observable as "IP = 1.2.3.4 AND MD5 = AD3957DF838383", and then later use the exact same syntax to search for other indicators in a repository. Having different languages for definition and search is not ideal. Imagine if you used different languages to insert and select from an RDBMS. That's what we're doing right now, except its with a graph (STIX). Sent from IBM Verse
From: | "Trey Darley" <trey@soltra.com> |
To: | "Grobauer, Bernd" <Bernd.Grobauer@siemens.com> |
Cc: | cti-users@lists.oasis-open.org |
Date: | Wed, Oct 21, 2015 8:02 AM |
Subject: | Re: [cti-users] Publication of another threat intelligence standard: Open Threat Partner eXchange (OpenTPX) |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]