[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] STIX 2.0 Architecture - Relationships, Sightings, and Targeting
Mark,
I agree that it makes sense for everyone to be aware of a range of specific identified issues that all deal with some architectural-level refactoring within STIX.
I do not think it is appropriate for us to try to tackle detailed discussion or proposed solutions to these issues all at once but understanding the range of proposed issues on the table will help
us to identify potential dependencies and architectural significance factors in order to prioritize which we need to tackle first and which ones we should consider and revisit as we move through them.
So some of the key ones that I think we should all be aware of are:
Abstracting Relationships (#291)
Abstracting Sightings (#306)
Abstracting Victim to separate construct (#149)
Abstracting Asset to separate construct (#234)
Abstracting Source to separate construct (#233)
Creating new Actor(Identity) construct to act as basis for identity type constructs (Threat Actor, Source, Victim, new Defense Actor?, new 3rd Part Actor?) (#235)
Creating new IDable Construct (or some other name) construct to act as common basis for all IDable constructs (defining id, idref, timestamp, Title, Description, etc. properties in one place) (#372)
Clarify semantics of different types of TTPs as expressed in the TTP construct (#360)Creating a new top-level Action construct to act as common basis for human-oriented actions or action decisions (#374)
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]