[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [EXT] Re: [cti] Roadmap discussion and update
We do not yet finished malware. It is getting close to a solid initial proposal, but that will then need to be vetted by the community and the vendors that are going to implement it. I feel like we are going down a dangerous path of we want this release out at this time. And if things like Malware are not fully done, we will just cut functionality or features to make sure "something" gets put in to the release.
Bret From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Wunder, John A. <jwunder@mitre.org>
Sent: Tuesday, August 8, 2017 2:17:32 PM To: cti@lists.oasis-open.org Subject: [EXT] Re: [cti] Roadmap discussion and update I was going to respond as well but Allan said pretty much exactly what I would have, so I’ll just second his statement. We said we would aim for a complete release with 2.1, and IMO what we have in confidence,
i18n, location, malware, and IEP in particular are big steps forward and justify sticking to our release. John From: <cti@lists.oasis-open.org> on behalf of Allan Thomson <athomson@lookingglasscyber.com> Sarah – Thanks for sending the summary. I would suggest we keep with our plan for a Fall release of STIX 2.1 that includes:
Regarding the items marked in
red below, I would suggest that we just take a strategy that if the sub-group reaches sufficient progress by the STIX2.1 cutoff then we include. If not then we push to STIX2.2.
regards From: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> on behalf of Sarah Kelley <Sarah.Kelley@cisecurity.org> CTI-TC, We wanted to send a follow-up email regarding the roadmap conversation that was started on the last monthly call. From our original list of items we wanted to have in STIX 2.1, this is where we stand: Finished:
Mostly done:
In Progress:
Still to come (or in mini-group):
As mentioned during the meeting(s), we aren’t making fast enough progress through our roadmap in order to get all of these objects into a fall release. We have three choices:
Which really leaves us with two choices:
The general consensus of the co-chairs (without unanimity) is that that the third option is the most logical at the moment. Setting a hard deadline of Sept 30 would allow us to get a 2.1 update out with important
new objects, but also allow us to give certain large topics (like COA, Infrastructure and Event) the full time and attention they need to get them right by pushing them to a later release. This would also allow our October F2F to focus on kick starting STIX
2.2. Given that this committee works via consensus and that the co-chairs do not decide anything unilaterally, we would like to open this conversation up for wider discussion. Please chime in and let everyone know
your preference. Thanks, Sarah Kelley Senior Cyber Threat Analyst Multi-State Information Sharing and Analysis Center (MS-ISAC) 31 Tech Valley Drive East Greenbush, NY 12061 518-266-3493 24x7 Security Operations Center SOC@cisecurity.org - 1-866-787-4722 This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments
is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments
is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]