OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-stix] Vulnerability object added

Agreed.

 

Thanks for getting this in there.

 

From: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> on behalf of Jason Keirstead <Jason.Keirstead@ca.ibm.com>
Date: Thursday, July 14, 2016 at 7:05 AM
To: "Wunder, John" <jwunder@mitre.org>
Cc: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org>
Subject: Re: [cti-stix] Vulnerability object added

 

Looks good to me.

-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com

Without data, all you are is just another person with an opinion - Unknown


nactive hide details for "Wunder, John A." ---07/14/2016 10:55:12 AM---So"Wunder, John A." ---07/14/2016 10:55:12 AM---Sorry, should have given a link to the object. It’s in the STIX 2.0-Objects document, here: https://

From: "Wunder, John A." <jwunder@mitre.org>
To: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org>
Date: 07/14/2016 10:55 AM
Subject: Re: [cti-stix] Vulnerability object added
Sent by: <cti-stix@lists.oasis-open.org>




Sorry, should have given a link to the object. It’s in the STIX 2.0-Objects document, here: https://docs.google.com/document/d/1F1c05GgYaJFV1Z04B8c_T3vEE-LRQTPExF24LvOQAsk/edit#heading=h.q5ytzmajn6re

John

From: <cti-stix@lists.oasis-open.org> on behalf of "Wunder, John A." <jwunder@mitre.org>
Date: Thursday, July 14, 2016 at 8:11 AM
To: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org>
Subject: [cti-stix] Vulnerability object added

All,

As discussed on the call on Tuesday, it seemed like people were looking for a Vulnerability object so that they could say malware/actors/campaigns target particular vulnerabilities.

Way back when we were first working on 2.0 we had a definition in there that I updated and moved over. Primarily, it would be used to capture external references to CVE and other vulnerability identifiers, as Jason had suggested. It also has a name and description in case there’s no CVE or other reference assigned yet or you want to duplicate them into the object directly. I also added the relationships it would conceivably need.

Can you please review it to see if it captures what you need it to?

Thanks,
John

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]