[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Inviting nominations for Chair of Cyber Threat Intelligence (CTI) TC,
I like the hut idea, and I would love to sit down with our European and other geo partners in this effort and understand their struggles, use-cases, and things they would like to see. I believe it is vitally important to understand - completely - what everyone would like to do, what they are doing, and the roadblocks that are preventing them from being successful. We are still very much in the early adopter and initial hype phase for this technology. We have a lot of work ahead of us to get across the chasm, and the team really needs leaders at the TC level and the working groups level that can allocate enormous amounts of time and that represent a broad collection of the community. If we want this effort to truly be successful, then individual organizations and entities that are trying to use it, need to be successful. Sometimes this means helping them to see and compute the ROI and long term benefits from using it and sometimes it means making the standard easier to use or do more things. We as a TC need to take the time to understand their pain points and then take that feedback and drive solutions within the standard. In addition to my community and customer outreach and consulting in regard to STIX and TAXII, I have been investigating what other vendors are trying to do with it, and have started writing my own open source implementation (I am doing this to get a feel for what integrators are dealing with). These three efforts have give me a very interesting perspective on the issues people are facing and things we need to do to help make them successful. Things I would love to see come out of our standards work within 18-24 months: * at least 30 major vendors using STIX and TAXII in their main product lines * at least 10 new startups become highly successful because of STIX and TAXII * hundreds of apps on the various App Stores that can interact with STIX and TAXII data * sharing outside of niche eco-systems that works with data-marking and handling restrictions * at least 10 of the major OSI repos delivering their feeds via STIX and TAXII * desperate products in the network communicating with each other over STIX and TAXII * solutions to prevent repo poisoning and source verification of intel * API support in more programming languages * database examples and prototypes to aid rapid development and solutions by startups and open source developers Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]