[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-users] My opinion piece mentioning STIX-TAXII
This is our desire and goal. However, there are some steps along the way, let me illustrate two of them... 1) How to you make the shared CTI machine actionable for any arbitrary STIX 1.2 document today. Hint, think through what you would need to do in code to make this happen. 2) How do you know for sure that you can trust the CTI you are openly getting? Or how do you now the CTI is even valid? Open public sharing is a two edged sword without validation, verification, and assessment. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]