[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] RE: Vision Statement for TAXII
If we're pursuing the TAXII 2.x Vision Statement here I would argue for a broader scope for TAXII beyond CTI. The OMG Threat Risk Initiative is defining models for Threat/Risk that transcend Domains (Cyber, Political, Natural Disaster, Terrorist, etc.).
I see no reason to constrain TAXII to just the Cyber Domain. For example, I believe we could fairly easily embed NIEM XML Packages focusing on other domains in STIX packages today to support an "All Hazards" Inter-Exchange of blended Threat Intelligence.
Why limit our vision/capabilities when looking to the future of TAXII?
Patrick Maroney
From: <cti-taxii@lists.oasis-open.org> on behalf of "Davidson II, Mark S"
Date: Tuesday, September 15, 2015 at 12:57 PM To: "Wunder, John A.", "'cti-taxii@lists.oasis-open.org'" Subject: RE: [cti-taxii] RE: Vision Statement for TAXII I’d like to attempt to summarize the various comments and discussion so far, represented as an updated proposal: TAXII is an open protocol that enables rapid and secure sharing of cyber threat information between people and systems. With a focus on
simplicity and scalability TAXII speeds the sharing of cyber threat information across tools, products, and organizations. I modified some language to my own personal liking. If my language is worse, we can revert it. Here’s the list of modifications: ·
rapid, secure, and trusted -> rapid and secure (reason: easier to remember/say) ·
cyber threat intelligence -> cyber threat information (reason: information is broader than intelligence) ·
simple and reusable concepts -> simplicity and scalability (reason: I pulled simplicity/scalability from our SC kickoff slide deck) ·
reduces the friction of sharing -> speeds sharing (reason: My preference is to frame it as a positive vs. as removing a negative) My one criticism of the current form is that both sentences end in “sharing of cyber threat information across/between <list>”. I’d also like to identify the calls for more definition around what TAXII is and is not – I’d like to offer that we discuss that as something of a
scoping statement, separate from the vision statement. Thoughts? Thank you all for participating in the discussion – I think we’re closing in on something we can all generally agree on, and all of your inputs have
been valuable. Thank you. -Mark |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]