[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-cybox] Re: [cti-users] Re: [cti-cybox] STIX 2.1 Cyber Observable Proposal - Credential Dump Object
My .02: Sharing compromised/exposed credentials with victims (aka Victim Notifications) should be a use case our CTI Domain vernacular covers, with specificity, certainty, and non-attributional source tracebility. Patrick Maroney I'm not sure how this could derail everything, as this information is already shared via trust group mailing lists. Surely people would already be assured of our was that dangerous? It's also important to realise that sharing happens outside of the US legal system, and the rules in other countries may allow for credential dump sharing in situations the US does not. It's at least worth investigating further IMHO... Cheers Terry MacDonald Cosive On 14 Jan. 2017 15:56, "Bret Jordan" <Bret_Jordan@symantec.com> wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]