[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] CTI TC Proposal - Promoting Targets to Top Level Objects
I don't have a problem with this; in fact I kind of already assumed we would have to do it when we got into the TTP object. You would have a relationship from the TTP to the Victim. Simmilarly you would have a relationship to the Exploit.
It wouldn't make sense to do it any other way IMO.
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
Patrick Maroney ---04/15/2016 01:32:46 PM---Promoting Targets to Top Level Objects Abstract
From: Patrick Maroney <Pmaroney@Specere.org>
To: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
Date: 04/15/2016 01:32 PM
Subject: [cti] CTI TC Proposal - Promoting Targets to Top Level Objects
Sent by: <cti@lists.oasis-open.org>
Abstract
It includes the first draft of a notional Target Top Level Object specification and initial properties.
The objective of the attached paper is to provide the basis of the proposal, solicit community discourse and CTI TC support from those (1) in a Threat Intelligence CI and Operational Role and (2) those engaged in 2012/2013/2014 discussions around making this change.
Note: I've attached a slightly revised copy of the Tokenization Concepts Paper published to the CTI TC on March 26th. It contains concepts related to the Target proposal.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]