Can I make a request that every training that takes place regarding STIX/TAXII/CybOX specifically mention/provide training on the STIX validator? We have had several different instances where people attempt to share information with us in STIX format,
but the STIX doesn’t validate so we can’t actually use what they’re sending us.
Thanks,
Sarah Kelley
Senior CERT Analyst
Center for Internet Security (CIS)
Integrated Intelligence Center (IIC)
Multi-State Information Sharing and Analysis Center (MS-ISAC)
1-866-787-4722 (7×24 SOC)
www.cisecurity.org
Follow us @CISecurity
If we do this right, then it is possible for us to have a F2F where we do design work, trainings/briefing where we help people that are not in OASIS come up to speed, and do a half-day / full day user / developer session. I could actually see this turning
in to a 4-5 day event.
Day 1 = Briefings for Executives and Governments
Day 2 - 3 = Face 2 Face
Day 4 = Training for Users, Analysts, and Developers
Day 5 = Developer hack-a-thon where community get to meet with the groups doing the work and collaborate on open source development efforts.
Thanks,
Bret
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
I'd like to see some simultaneous hack-a-thon happening, for those of us who are more comfortable with code commits than Powerpoint presentations.
JSA
I think the most obvious conference to tailgate on is the annual FIRST assembly.
Cheers,
Trey
--
Trey Darley
Senior Security Engineer
Soltra | An FS-ISAC & DTCC Company
+32/494.766.080 | trey@soltra.com
www.soltra.com
++----------------------------------------------------------------------------++
Sent from my CRM-114 Discriminator
On Jan 28, 2016 18:47, "Foley, Alexander - GIS" < alexander.foley@bankofamerica.com> wrote:
I agree with this proposal, but wouldn’t be against adding additional satellite events – I’d host one in Charlotte or I bet we could find someone to host in Atlanta.
Perhaps it would be good to align our events with other widely attended security conferences if possible, like we’re doing with RSA?
Based on the discussion on today's TC wide call, I would like to propose that we adopt:
1) a 6 month cadence for full 2-3 day Face 2 Face events.
1a) where it makes sense, follow these full F2F events with public training / briefing events
2) regular regional training events that could double as mini-1 day / half day F2F meetings
I would like to propose the following schedule as a straw man.
May-June 2016 - Training / Briefing - Washington DC Area
Aug-Sept 2016 - Face2Face - London / Belgium / Amsterdam with a Training / Briefing either before or after the F2F (piggy back on the travel) for NATO, EuroPOL, ENISA, etc
Oct-Nov 2016 - Training / Briefing - San Francisco, CA / Bay Area
March 2017 - Face2Face - Tokyo, Japan / Australia with a Training / Briefing - Tokyo, Japan / Australia (piggy back on the travel) for (yet to be identified government groups, companies,
etc)
May-June 2017 - Training/Briefing - TBD possible options (Seattle Washington Area or maybe Canada)
Aug-Sept 2017 - Face2Face - Washington DC Area with a Training / Briefing either before of after the F2F for the Washington DC area people.
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at
http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.
This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify
the sender immediately and permanently delete the message and any attachments.
. . .
|