[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: STIX Confidence proposal nearing completion
|
After reviewing this, I think we should actually have a call to go through the mappings. I do not think they are yet ready for prime time.
Bret
From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Sarah Kelley <Sarah.Kelley@cisecurity.org>
Sent: Monday, February 27, 2017 9:49:17 AM To: cti@lists.oasis-open.org Subject: [cti] STIX Confidence proposal nearing completion All, We feel that we have reached a general consensus on the approach for confidence. In following with the procedure outlined in the CTI meeting last Thursday, we are bringing this topic to the
list for any other changes and comments. If you haven’t had a chance to review it yet, the proposal is located here: A summary of the approach: An optional confidence property will be added to each SDO. This confidence value indicates the producer’s confidence in the correctness of their data. Confidence
MUST be an integer value in the range 0-100. An appendix will be provided that contains normative mappings to other scales like low/med/high, 0-10, Words of Estimative Probability (WEP), and Admiralty credibility. These mappings
MUST be used if any scale not 0-100 is used. If you have not had a chance to review the proposal, please do so before Wednesday March 1st. At that point, we will be moving confidence into the STIX 2.1 spec. While this does
not mean that additional changes cannot be made, we would prefer to make any major revisions before the proposal goes into the working 2.1 specification. Thanks, Sarah Kelley Senior Cyber Threat Analyst Center for Internet Security (CIS) Integrated Intelligence Center (IIC) Multi-State Information Sharing and Analysis Center (MS-ISAC) 1-866-787-4722 (7×24 SOC) Email: cert@cisecurity.org Follow us @CISecurity . . . |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]