> TAXII is a threat sharing technology that enables rapid, secure, and trusted communications between people and systems through simple, powerful,
and reusable concepts.
The old vision statement put boundaries around what TAXII is and is not. Using the newly proposed vision statement I can't tell if TAXII is the transmission protocol or the data that is being transmitted. For
example, I could swap out TAXII with the term STIX and it still applies: STIX is a threat sharing technology
that enables rapid, secure, and trusted communications between people and systems through simple, powerful, and reusable concepts.
I think we could use the proposed sentence which removes some subjectivity and adds boundaries. Warning, I literally spent 15 seconds thinking about this:
TAXII is a threat sharing technology that enables machine transmission of information security data to people and systems through simple and reusable concepts. TAXII
is a protocol that defines the exchange of information security data and is not a language for defining threat, vulnerability, or compliance data.
By adding boundaries we help the end user figure out where TAXII fits into the ecosystem.
Aharon Chernin
CTO
SOLTRA
| An FS-ISAC & DTCC Company
18301 Bermuda green Dr
Tampa, fl 33647
813.470.2173 | achernin@soltra.com
From: cti-taxii@lists.oasis-open.org <cti-taxii@lists.oasis-open.org> on behalf of Jordan, Bret <bret.jordan@bluecoat.com>
Sent: Monday, September 14, 2015 1:58 PM
To: Wunder, John A.
Cc: cti-taxii@lists.oasis-open.org
Subject: Re: [cti-taxii] Vision Statement for TAXII
John, I think that sounds good. Lets just drop that second sentence.
Thanks,
Bret
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
"TAXII is a threat sharing technology that enables rapid, secure, and trusted communications between people and systems through simple, powerful, and reusable concepts. TAXII users have faster response times, better
ROI, and more effective cyber defenses."
I would delete the second line, it’s an unprovable marketing pitch. I like the first line though, and IMO it stands on its own.
John
All,
The statement Bret shared below is intended to be the kind of statement that we can make future decisions around. When a contentious issue comes up, one factor will
be how well various options match the vision statement.
When people write articles about TAXII, they are going to use our vision statement – this is our opportunity to get the first word into many TAXII discussions. Having
a good vision statement is important.
For comparison, the equivalent text for TAXII 1.0 and TAXII 1.1 was:
TAXII defines a set of services and message exchanges that, when implemented, enable sharing of actionable cyber threat information across
organization and product/service boundaries. TAXII defines services, protocols and messages to exchange cyber threat information for the detection, prevention, and mitigation of cyber threats. TAXII is not an information sharing initiative or application and
does not attempt to define trust agreements, governance, or non-technical aspects of cyber threat information sharing. Instead, TAXII empowers organizations to achieve improved situational awareness about emerging threats, and enables organizations to easily
share the information they choose with the partners they choose all while using a single, common, set of tools.
What do you think? Should we keep the old one? Is the new one better? Would you like to offer a different proposal for consideration?
In an effort to cajole responses out of this subcommittee: I’ll offer to take your silence as complete support of the proposed vision statement and that you have nothing
but effusive praise for it. (I’m kidding – but please share your thoughts!).
Let the SC know what you think!
Thank you.
-Mark
Team,
During our last call we had a good conversation about the need to establish some top level elements for this subcommittee, these include things like vision, scope, and purpose. We would like to propose the following vision/purpose statement for your review.
"TAXII is a threat sharing technology that enables rapid, secure, and trusted communications between people and systems through simple, powerful, and reusable concepts. TAXII users have faster response times, better
ROI, and more effective cyber defenses."
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|