cti-taxii message

Subject: Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery

From: Jerome Athias <athiasjerome@gmail.com>
To: Trey Darley <trey@soltra.com>
Date: Sat, 31 Oct 2015 12:01:28 +0300

2015-10-31 11:37 GMT+03:00 Trey Darley <trey@soltra.com>:
> On 30.10.2015 21:28:38, Jordan, Bret wrote:
>>
> It would be worth threat modeling the TAXII 2.0 architecture (once the
> spec's closer to completion) with an eye towards generating a TAXII
> 2.0 security best practices guide for implementers as an OASIS work
> product.
>

Open Microsoft Threat Modeler 2016
Define a new template (new function of version 2016)
Put CAPEC in it
Draw the Threat Model

Exam duration: 1 hour ;-)

PS: no comment on the air-gap myth in the SCADA world

Follow-Ups:
- Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
  - From: Trey Darley <trey@soltra.com>
- Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
  - From: Trey Darley <trey@soltra.com>

References:
- Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
  - From: Trey Darley <trey@soltra.com>
- RE: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
  - From: Terry MacDonald <terry@soltra.com>
- Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
  - From: "Jordan, Bret" <bret.jordan@bluecoat.com>
- Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
  - From: Trey Darley <trey@soltra.com>