Greetings CTI community,
My apologies for sending this out again. It was mentioned that my message came across as blank for some.
I am reaching out to the group to see if anyone would be willing to provide a demo of the STIX dataset capabilities and how they are able to leverage STIX CTI data within the environment. We have a small group of CTI analysts who are looking
to automate and empower our analytical capabilities and are hoping through integration of STIX we can exponentially enhance our overall capabilities. If anyone is willing to share with our team, we would be most grateful for this exchange. Please reply to
me directly to engage further: krburrell@deloitte.com
Thank you.
Respectfully,
Michelle Burrell
Deloitte & Touche LLC
Tel/Direct:
+1 571 858 0297 |
202.276.9144
Please consider the environment before printing.
From: cti-users@lists.oasis-open.org <cti-users@lists.oasis-open.org>
On Behalf Of Chet Ensign
Sent: Monday, February 22, 2021 11:05 AM
To: project-announce@lists.oasis-open.org; Members <members@lists.oasis-open.org>; OASIS CTI TC Discussion List <cti@lists.oasis-open.org>; OASIS CTI co-chairs <cti-committee-chairs@lists.oasis-open.org>; cti-users@lists.oasis-open.org
Subject: [EXT] [cti-users] Invitation to comment on STIX™ V2.1 and TAXII™ V2.1 before Call for Consent as OASIS Standard - ends April 23rd
The specifications, defining a free, open language for describing and exchanging cyber threat intelligence, enters the 60-day public review that precedes the call for consent as an OASIS Standard.
OASIS members and other interested parties,
OASIS and the Cyber Threat Intelligence (CTI) TC [1] are pleased to announce that STIX™ Version 2.1 and TAXII™ Version 2.1 are now available for public review and comment. General information about these public reviews and the events leading up to them can
be found in
http://docs.oasis-open.org/cti/stix/v2.1/cs02/stix-v2.1-cs02-public-review-metadata.html and
http://docs.oasis-open.org/cti/taxii/v2.1/cs01/taxii-v2.1-cs01-public-review-metadata.html.
Structured Threat Information _expression_ (STIX) is a language and serialization format used to exchange cyber threat intelligence. STIX enables organizations and tools to share threat intelligence with one another in a way that improves many different capabilities,
such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.
The TC received 3 Statements of Use from Accenture Security, Fujitsu, and New Context [2].
TAXII is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. it is specifically designed to support the exchange of CTI represented in STIX, but is not limited to STIX.
The TC received 5 Statements of Use from Fujitsu, Celerium, LookingGlass Cyber Solutions, Cyware Labs, and FreeTAXII [3]
The candidate specifications and related files are available here:
STIX™ Version 2.1
Committee Specification 02
25 January 2021
Editorial source (Authoritative):
https://docs.oasis-open.org/cti/stix/v2.1/cs02/stix-v2.1-cs02.docx
HTML:
https://docs.oasis-open.org/cti/stix/v2.1/cs02/stix-v2.1-cs02.html
PDF:
https://docs.oasis-open.org/cti/stix/v2.1/cs02/stix-v2.1-cs02.pdf
TAXII™ Version 2.1
Committee Specification 01
27 January 2020
Editorial source (Authoritative):
https://docs.oasis-open.org/cti/taxii/v2.1/cs01/taxii-v2.1-cs01.docx
HTML:
https://docs.oasis-open.org/cti/taxii/v2.1/cs01/taxii-v2.1-cs01.html
PDF:
https://docs.oasis-open.org/cti/taxii/v2.1/cs01/taxii-v2.1-cs01.pdf
For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
STIX:
https://docs.oasis-open.org/cti/stix/v2.1/cs02/stix-v2.1-cs02.zip
TAXII:
https://docs.oasis-open.org/cti/taxii/v2.1/cs01/taxii-v2.1-cs01.zip
Public Review Period
The 60-day public reviews start 23 February 2021 at 00:00 UTC and end 23 April 2021 at 23:59 UTC.
This is an open invitation to comment. OASIS solicts feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.
Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility as explained in the instructions located via the button labeled "Send A Comment" at the top of the TC public home page, or directly at:
https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cti
Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
http://lists.oasis-open.org/archives/cti-comment/
All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with these public reviews of “STIX V2.1" and "TAXII
V2.1," we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability
of a member's patent, copyright, trademark and license rights that read on an approved OASIS specification.
OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC's work.
Additional information
[1] OASIS Cyber Threat Intelligence (CTI) TC
https://www.oasis-open.org/committees/cti/
[2] STIX statements of use
- Accenture Security:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202102/msg00006.html
- Fujitsu:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202102/msg00005.html
- New Context:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202101/msg00027.html
[3] TAXII statements of use
- Fujitsu:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202102/msg00005.html
- Celerium:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202007/msg00002.html
- LookingGlass Cyber Solutions:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202006/msg00019.html
- Cyware Labs:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202007/msg00033.html
- FreeTAXII:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202101/msg00028.html
[4] http://www.oasis-open.org/policies-guidelines/ipr
[5] http://www.oasis-open.org/committees/cti/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#Non-Assertion-Mode
Non-Assertion Mode
--
|
|
Chet Ensign
Chief Technical Community Steward OASIS Open |
|
|
|
|
This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message, or the taking of any action based on it, by you is strictly prohibited.
Deloitte refers to a Deloitte member firm, one of its related entities, or Deloitte Touche Tohmatsu Limited ("DTTL"). Each Deloitte member firm is a separate legal entity and a member of DTTL. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.
v.E.1