This is something that we will need to add to TAXII 2.0... Eric / Jason, please give a detailed dump of what this should look and feel like on the CTI TAXII list so we can get working on this for TAXII 2.0
Thanks,
Bret

Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
I presume what Eric means is, while we have support for profiles in STIX (http://stixproject.github.io/documentation/profiles/), because they are not part of TAXII, they are not actually negotiated at all.
I can not write a client that talks to a generic TAXII server and say "my client supports this profile" and have the server say "OK that is supported by me, we will proceed" and the client then start sending / receiving data.
If there is some way to do this that people are leveraging, whereby the profile spreadsheet files can be negotiated using TAXII, it is unclear to me (and it would be great for it to be shared!)
- Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
<cti@lists.oasis-open.org> wrote on 2015/07/14 11:24:37 AM:
> From: "Barnum, Sean D." <sbarnum@mitre.org>
> To: Eric Burger <Eric.Burger@georgetown.edu>, "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
> Date: 2015/07/14 11:24 AM
> Subject: Re: [cti] CTI TC Adoption and Interoperability SCs
> Sent by: <cti@lists.oasis-open.org>
>
> Hi Eric,
>
> Just to clarify something mentioned below. "Since we do not have profiles (yet), one would be hard pressed to say one does “profile processing.”"
> We do currently have profiles and we do currently have “profile processing”. Many community members (including sharing communities that are CTI community members) are currently leveraging profiles. They specify them, share them and design their processes around them.