OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-stix] Proposal to establish Sightings (#306) and Relationships (#291) as our official issue topics under active consideration for STIX v2.0

On 30.10.2015 14:14:23, Jason Keirstead wrote:
> All of these device classes could reasonably directly produce
> observables and sightings, but none of them have systems of record
> that can make use of IDs for querying.

Maybe these device classes *currently* don't have a system of record
for STIX they have emitted however all of these device classes *do*
run on top of databases and for the most part support some sort of
API. For the most part, the fielded versions of these device classes
have *zero* support for STIX/TAXII (much less STIX/TAXII 2.0!). But
there's no technical reason why, when these vendors decide to release
a new version that supports STIX/TAXII 2.0, they can extend the schema
of their underlying database to support the aforementioned system of

Trey Darley
Senior Security Engineer
4DAA 0A88 34BC 27C9 FD2B  A97E D3C6 5C74 0FB7 E430
Soltra | An FS-ISAC & DTCC Company
"It is more complicated than you think." --RFC 1925

Attachment: signature.asc
Description: PGP signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]