Subject: Re: [cti-users] CybOX diversified observable data set example
(Full disclosure - I am a co-founder of Cosive)
I'd also recommend the Cosive STIX data generator, available at https://generator.cosive.com . It produces fake STIX documents with objects of your choosing, and was designed for testing your system's ability to process the different objects.
Cheers
Terry MacDonald
On 30/01/2016 03:06, "Patrick Maroney" <Pmaroney@specere.org> wrote:
DHS/US-CERT publishes 100's of diverse STIX packages (e.g., MIFR, MAR, JIB, IB). I use STIX Ramrod to batch convert (https://github.com/STIXProject/stix-ramrod) legacy versions. These provide a rich set of compound observables.
These will provide a much more diverse set of CybOX than anything you will find on Hail-a-TAXII which tend to be very narrow in what is expressed (e.g., Lists of Malicious IP Addresses, Lists of Malicious Domains).
These STIX packages are generally not in the public domain, but are available in places like the US-CERT Portal (https://portal.us-cert.gov). A keyword search for "STIX" and "MIFR" may reveal alternative sources.
<marking:Controlled_Structure>//node() | //@*</marking:Controlled_Structure>
<marking:Marking_Structure xsi:type='tlpMarking:TLPMarkingStructureType' color="GREEN"/>
<marking:Marking_Structure xsi:type='TOUMarking:TermsOfUseMarkingStructureType'>
  <TOUMarking:Terms_Of_Use>This Indicator Bulletin is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. The DHS does not endorse any commercial product or service, referenced in this bulletin or otherwise. This document is marked TLP: GREEN. Recipients may share TLP: GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. For more information on the Traffic Light Protocol, see http://www.us-cert.gov/tlp .</TOUMarking:Terms_Of_Use>
</marking:Marking_Structure>
Patrick Maroney
Office: (856)983-0001
Cell: (609)841-5104
President
Integrated Networking Technologies, Inc.
PO Box 569
Marlton, NJ 08053
From: <cti-users@lists.oasis-open.org> on behalf of "Noel, Steven E" <snoel@mitre.org>
Date: Friday, January 29, 2016 at 10:17 AM
To: Shevah Marants <shevahm@gmail.com>, "cti-users@lists.oasis-open.org" <cti-users@lists.oasis-open.org>
Subject: RE: [cti-users] CybOX diversified observable data set example
I’m wondering if this is helpful: http://hailataxii.com/.
I have never used it, would be interested in hearing about your experiences with it.
Steve
From: cti-users@lists.oasis-open.org [mailto:cti-users@lists.oasis-open.org] On Behalf Of Shevah Marants
Sent: Friday, January 29, 2016 9:25 AM
To: cti-users@lists.oasis-open.org
Subject: [cti-users] CybOX diversified observable data set example
Hello,
I am currently investigating CybOX.
I am looking for a big corpus/dataset of Observables varying in type for different experiments on CybOX data.
The STIX and CybOX sites offer a couple of examples but they are limited in size and diversification.
Can someone point me to an interesting dataset with diversified types of Observables and Observable patterns?
Thanks.