[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] Kill Chains in STIX
(late :p)I concur that a central registry approach would guarantee some level of Interoperability, while "open custom free-to-put-anything-in vocabularies" would not benefit The Community."Vendors" could come with (and push for) their own Controlled Vocabularies (for review, extension, improvement...) but a standard must not be created to accommodate existing products or marketing leitmotiv.As an alien... I hope that "the transition of the -IANA- function to the global multi-stakeholder community" [1] could favorite (and hopefully simplify) this approach.(No Interoperability; No Automation; No Optimization; No High Maturity)2016-06-01 13:32 GMT+03:00 Terry MacDonald <terry.macdonald@cosive.com>:<snip>I am coming around to the idea of us needing a central registry of common objects for a multitude of reasons, and that central registry makes it easier to implement Option 1. The central registry of common objects would allow:
- Controlled Vocabularies to be specified
- Attack Pattern Objects to be created for each CAPEC entry so we can pivot from common object IDs
- Allow for a common Vulnerability objects to be created for each CVE number that's issued
- Allow for common Kill chain and Kill chain phase objects to be shared across platforms
and probably others I haven't thought of. I'm thinking its an idea we might need to entertain.....CheersTerry MacDonald | Chief Product Officer
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]