[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [cti-stix] Asset: the missing piece in your puzzle
I agree completely. Just because something (like asset information) is important and could be helpful in understanding the potential impact of a threat doesn’t mean that STIX or any component of CTI needs to define that information model. We need to keep a laser-like focus on Cyber Threat and build bridges to other communities that are looking at asset, configuration or vulnerability information. From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Aharon Chernin I am 100% behind giving us the ability to communicate asset information. Just not sure it should be in STIX, or OASIS CTI for that matter. If we can do this at a higher level than CTI, then we can use the same asset standard for vulnerability, compliance, and threats. We could even use it outside of the information security space. I say we continue using exploit target until we can figure out how to get STIX out of the asset business. Aharon From: <cti-stix@lists.oasis-open.org> on behalf of Patrick Maroney <Pmaroney@Specere.org> ExploitTarget only represents where the "pointy end" of the stick is pointed (attack surface/vulnerability), not the organization or assets behind same. Some of us share the view that there needs to be a top level object that represents the Victim(s) and their Assets. Patrick Maroney _____________________________ Wouldn't an asset just be linked using the already existing facility of @idref on ExploitTarget?
|
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]