[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Thoughts on STIX and some of the other threads on this list
Eric, great points and well said. I like your top level vision for this group as well, it is clear this is not your first rodeo. "Simplicity, ease of use, one-way of doing things." If we all step back and think about this for a moment, we will be successful if: 1) SOCs are using it and they do not even realize it, it is just ubiquitous everywhere with every tool and product in their network 2) "it just works", we have Apple-ize it 3) there are hundreds or thousands of APPs and tools on the various APP stores that people start doing really creative things with CTI data. 4) It is so simple and easy to use that everyone implements it because it is so easy to do so. 5) A customer that buys a solution does not need to know about which version of STIX or which binding is being used. It just works.... Once again we have Apple-ized it. 6) If every major network and security product vendor can either produce STIX, consume STIX, or perform data-enrichment on a STIX object. I think it is really sad that we have more interconnection in our living rooms with our TVs than we have in our security products. On the TAXII side, we are pushing to these Value statements. We are pushing for simplicity, elegance, and ease of use. We want TAXII to be the best way for sharing CTI, period. We want it to be so easy that there is no reason why you would not do it. We want it to just work and be so conceptually easy to understand. I think that Eric and Bernd have really spelled out a call to action for this group. Lets answer the call, lets work together, lets solve this. I believe we can solve this. I believe we as a group are smart enough and have enough collective wisdom to do it. I believe that we can really make a long-term difference in cyber security. I have a vision for where the SOC of the future needs to go, and I want to see us get there. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]