I concur that a central registry approach would guarantee some level of Interoperability, while "open custom free-to-put-anything-in vocabularies" would not benefit The Community.
"Vendors" could come with (and push for) their own Controlled Vocabularies (for review, extension, improvement...) but a standard must not be created to accommodate existing products or marketing leitmotiv.
As an alien... I hope that "the transition of the -IANA- function to the global multi-stakeholder community" [1] could favorite (and hopefully simplify) this approach.
(No Interoperability; No Automation; No Optimization; No High Maturity)
2016-06-01 13:32 GMT+03:00 Terry MacDonald <terry.macdonald@cosive.com>:
<snip>I am coming around to the idea of us needing a central registry of common objects for a multitude of reasons, and that central registry makes it easier to implement Option 1. The central registry of common objects would allow:
- Controlled Vocabularies to be specified
- Attack Pattern Objects to be created for each CAPEC entry so we can pivot from common object IDs
- Allow for a common Vulnerability objects to be created for each CVE number that's issued
- Allow for common Kill chain and Kill chain phase objects to be shared across platforms
and probably others I haven't thought of. I'm thinking its an idea we might need to entertain.....CheersTerry MacDonald | Chief Product Officer
