OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [cti] CTI TC Adoption and Interoperability SCs

I think that this higher level approach is the way to go. It is very much in line with where I had planned to take the stix supporters concept in a future iteration. As was suggested in an earlier email in this thread, I think we should encourage producers and consumers to provide this higher level information while also drafting a profile that describes their stix/cybox usage. The profile would not initially be about interoperability. Instead it would be a tool to allow for detailed communication of the supported stix/cybox structures.

 

Jon

 

============================================

Jonathan O. Baker

J83D - Cyber Security Partnerships, Sharing, and Automation

The MITRE Corporation

Email: bakerj@mitre.org

 

From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Jordan, Bret
Sent: Monday, July 13, 2015 2:37 PM
To: Jason Keirstead
Cc: cti@lists.oasis-open.org
Subject: Re: [cti] CTI TC Adoption and Interoperability SCs

 

Okay, now I think we are getting out of the weeds and moving forward, so what about this, with the changes from Jason and Eric.

 

For STIX:

 

Does your product support:

S1) Data marking / handing

S2) Information source integrity

S3) The required fields from the following STIX Idioms

          a) Indicators

          b) Incidents

          c) Threat Actors

          d) Campaigns

          e) TTPs

          f) Course of Actions

          g) Exploit Targets

          h) Observables

S4) The required fields from the following CybOX objects

          i) TBD

S5) Do you support STIX Profile processing for the following profiles

          a) TBD

          b) TBD

 

Optional Extras You Might Support (this is meant to give extra color / context to differentiate products)

SA) Do you have a UI for STIX generation

 

 

 

For TAXII:

 

Does your product support:

T1) Discovery Services

T2) Collection Services

T3) Subscription Services

T4) Poll Services

T5) Inbox Services

T6) Data Feeds

T7) Data Collections

T8) Delete Requests

 

Optional Extras You Might Support

TA) Authentication 

TB) Two-factor Authentication

 

Thanks,

 

Bret

 

 

 

Bret Jordan CISSP

Director of Security Architecture and Standards | Office of the CTO

Blue Coat Systems

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." 

 

On Jul 13, 2015, at 12:27, Jason Keirstead <Jason.Keirstead@ca.ibm.com> wrote:

 

RE STIX 3.h, I would also like to see included in the profile a list of the CybOX objects supported.

RE TAXII 8,9 I am not sure how authentication types can be included in the profile when they are not part of the TAXII protocol.

-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com

Without data, all you are is just another person with an opinion - Unknown

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]