
cti-stix message


Subject: Re: [cti-stix] STIX/TAXII Vendor Self-Certification Program MOTION

Documentation of the tests performed for a STIX Preferred badge would be on the OASIS web-site/portal, stating which specific personas were tested, and the results would be available for download if someone wanted to look at them.


Allan Thomson,

CTO, Lookingglass Cyber Solutions

This electronic message transmission contains information from LookingGlass Cyber Solutions, Inc. which may be attorney-client privileged, proprietary and/or confidential. The information in this message is intended only for use by the individual(s) to whom it is addressed. If you believe that you have received this message in error, please contact the sender, delete this message, and be aware that any review, use, disclosure, copying or distribution of the contents contained within is strictly prohibited.



From: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> on behalf of "Taylor, Marlon" <Marlon.Taylor@hq.dhs.gov>
Date: Monday, October 16, 2017 at 8:04 AM
To: "'Gong, Nicole X.'" <ngong@mitre.org>, Nicholas Hayden <nhayden@anomali.com>, "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org>, JG CTI-TC <jg@ctin.us>
Subject: RE: [cti-stix] STIX/TAXII Vendor Self-Certification Program MOTION
How would the badges or documentation specify the personas?
From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Gong, Nicole X.
Sent: Monday, October 09, 2017 9:09 PM
To: Nicholas Hayden; cti-stix@lists.oasis-open.org; JG @ OASIS
Subject: RE: [cti-stix] STIX/TAXII Vendor Self-Certification Program MOTION

I concur.


Nicole Gong


From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Nicholas Hayden
Sent: Monday, October 9, 2017 8:18 PM
To: cti-stix@lists.oasis-open.org; JG @ OASIS <jg@ctin.us>
Subject: Re: [cti-stix] STIX/TAXII Vendor Self-Certification Program MOTION

I agree.


Best Regards,
Nicholas Hayden, CISSP, GICSP, CNDA, CEH, Sec+
Director of Engineering Anomali | anomali.com
808 Winslow St Redwood City, CA 94063
Phone: (650) 257-0867 | Twitter: @anomali

On Oct 9, 2017, 8:13 PM -0400, JG @ OASIS <jg@ctin.us>, wrote:


I second the motion.

Jane Ginn


On 10/9/2017 2:05 PM, Allan Thomson wrote:

Dear TC Members,


I motion that the TC approve, by unanimous consent, the following regarding the vendor self-certification program for TC approval.


If you have any concerns please reply to the list. If we need to discuss any changes then we can certainly consider a discussion at the F2F next week.


1.  OASIS will create official STIX and TAXII interoperability badges for exclusive use by vendors of products that have passed the online self-certification tests.  ("Products" may include services as well as software, to the extent the requirements are applicable in the test protocols named below.) 

2.  Products will be granted the right to use one of two available badges: a) STIX-only or b) STIX-and-TAXII.  Since the TAXII test incorporates STIX, there will be no need for a TAXII-only badge and no benefit in offering multiple badges per product.

3.  The interoperability badges will incorporate the STIX and TAXII logos.  If possible, OASIS will update the current STIX and TAXII logo designs in a way that leverages current brand recognition but also conveys the exciting changes in 2.x.  OASIS will continue to work with DHS to resolve trademark issues regarding the logos, and under current licensing, the launch and details of this program will be contingent on advance DHS approval.  

4.  Only the major version number for the specifications will be used in the badges, i.e., 'STIX 2' and 'STIX+TAXII 2'.  Attempting to denote minor version numbers in the badge (e.g. 'STIX 2.5') would cause extra work and risk confusion over time.

5.  The badges will incorporate the STIX 2 and TAXII 2 logos along with a term that indicates the accomplishment (i.e., the product has passed the interoperability test).  OASIS will use the terms 'STIX 2 Preferred' and 'STIX TAXII 2 Preferred'.  We believe 'Preferred' will convey formal recognition that the product meets a higher level of quality. The proposed final design will be brought back to the TC for its feedback.

6.  When used by vendors in online applications, the badges will be linked to an OASIS web page that explains the meaning of the badge, details restrictions for its use, lists all products authorized to use it, and provides instructions for how to perform the self-assessment and attestation that earns the badge, including a link to any online test resources.  The badges will be based on the following two test documents: [stix-taxii-2-interop-p1-v1-0-fd03] and [stix-taxii-2-interop-p2-v1-0].

7.  OASIS will reserve use of the Preferred badges to vendors who have completed the self-assessment and attestation program.  Unauthorized parties will be asked to immediately remove the badge from their collateral and advised on the proper method for attaining authorization. 

8.  OASIS will draft specific SLA terms appropriate for self-attestation, which will be publicly posted, and work through other key operational issues in consultation with the CTI Interoperability Subcommittee.


This is a significant step towards formalizing interoperability testing and we look forward to your input/agreement.
Allan Thomson


R. Jane Ginn, MSIA, MRP
Secretary, Cyber Threat Intelligence Technical Committee (CTI TC)
