[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] Vision Statement for TAXII
That's a critical point IMHO. Thanks for asking John. 2015-09-17 18:50 GMT+03:00 Wunder, John A. <jwunder@mitre.org>: > I think in order to answer Bret’s question it would be helpful to define > what value-add we expect TAXII to provide to the sharing cyber threat > intelligence (I include “cyber” in there because of the charter). There are > a lot of generic data transports: OASIS has OData, AMQP, SOAP, HTTP, etc. > Many of them provide for authentication, data integrity, channels, and other > things that we’ve talked about TAXII defining. What do we expect TAXII to do > beyond that that makes it better specifically for sharing CTI? > > - Is it simply a standard transport/authentication so things are plug and > play? > - Or, beyond that, does it define specific behaviors that are useful for > sharing threat intel? > - Or, even beyond that, does it talk at all about the content that gets > shared? > - As a subcategory of that, it could even reference or define specific types > of payloads > > This also gets at the scoping question…what problems identified in the use > cases is TAXII trying to solve and which does it leave to STIX or other > specs? > > John
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]