[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] Deconstruction of Cybox observables from STIX reports
Hi Jerome, Thanks for passing along information on XORCISM. I didn¹t hear about it till now. Will do some reading to see if it can help. Thanks, Jyoti On 10/29/15, 11:18 PM, "Jerome Athias" <athiasjerome@gmail.com> wrote: >In case it could be somehow useful (maybe for the Interoperability >TC), attached is an ongoing effort (aka DRAFT/Incomplete >documentation, meaning mappings are already there in XORCISM but not >reflected in the doc) of mappings in order to demonstrates the level >of compatibility/interoperability) of XORCISM with CTI. > >2015-10-30 9:12 GMT+03:00 Jerome Athias <athiasjerome@gmail.com>: >> For reference, attached is the representation of one use case over the >> XORCISM architecture. >> (The XORCISM API contains a representation of the STIX objects and >> acts as a 'translator', with the use of Plugins, to do the translation >> job like STIX2ToolA, STIX2ToolB, or XORCISM2STIX) >> >> 2015-10-29 22:52 GMT+03:00 Jyoti Verma (jyoverma) <jyoverma@cisco.com>: >>> Hi, >>> >>> I brought this up during the Cybox call today and taking it offline for >>> further discussion. To recap, we are looking into deconstructing Cybox >>> observables from STIX IOCs for distribution to disparate systems that >>>can >>> deal with them and then at a later point in time, re-construct them >>>back >>> thereby enriching the original IOC. Instead of re-inventing the wheel >>>on >>> this, I was wondering if there is a tool out there that can handle >>> comprehensive use cases. Would love to hear the approach and challenges >>> faced in this process by folks who do this currently. >>> >>> Thanks, >>> Jyoti >>> >>>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]