[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] Deconstruction of Cybox observables from STIX reports
For reference, attached is the representation of one use case over the XORCISM architecture. (The XORCISM API contains a representation of the STIX objects and acts as a 'translator', with the use of Plugins, to do the translation job like STIX2ToolA, STIX2ToolB, or XORCISM2STIX) 2015-10-29 22:52 GMT+03:00 Jyoti Verma (jyoverma) <jyoverma@cisco.com>: > Hi, > > I brought this up during the Cybox call today and taking it offline for > further discussion. To recap, we are looking into deconstructing Cybox > observables from STIX IOCs for distribution to disparate systems that can > deal with them and then at a later point in time, re-construct them back > thereby enriching the original IOC. Instead of re-inventing the wheel on > this, I was wondering if there is a tool out there that can handle > comprehensive use cases. Would love to hear the approach and challenges > faced in this process by folks who do this currently. > > Thanks, > Jyoti > >
Attachment:
XORCISM_Technical_Architecture_CTI.jpg
Description: JPEG image
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]