Re: [cti] EUROPE adopts STIX and TAXII

["Struse, Richard J." <rjs@mitre.org>]

Carol – thanks for sharing this!

 

All – we should be extremely proud of this recognition of our collective work in the CTI TC.  One of the primary reasons I advocated within DHS for the transition of STIX and TAXII to a formal standards body was to enable exactly this sort of ruling so I am extremely gratified to see this come to pass.

 

This will only help accelerate the adoption and usage of STIX and TAXII globally, ensuring that the hard work we are doing within the TC has relevance for many years to come.

 

Congratulations everyone!

 

Rich

 

 

Richard J. Struse

 

Chair, OASIS Cyber Threat Intelligence Technical Committee

Chief Strategist for Cyber Threat Intelligence

The MITRE Corporation

+1-703-983-7049 (office)

+1-703-342-8368 (mobile)

 

 

From: <cti@lists.oasis-open.org> on behalf of Carol Cosgrove-Sacks <carol.cosgrove-sacks@oasis-open.org>
Date: Tuesday, January 9, 2018 at 3:35 PM
To: Jason Keirstead <Jason.Keirstead@ca.ibm.com>
Cc: OASIS CTI TC Discussion List <cti@lists.oasis-open.org>, Chet Ensign <chet.ensign@oasis-open.org>
Subject: Re: [cti] EUROPE adopts STIX and TAXII

 

Hello. 

I can confirm that the recognition covers subsequent versions.  The Decision was taken based on the version that was available at the start of the process.

Hoping this reassures you.

Well done! 

Carol 

 

On 9 Jan 2018 9:16 p.m., "Jason Keirstead" <Jason.Keirstead@ca.ibm.com> wrote:

I don't know anything at all about this process - but I noticed it specifically mentions the STIX 1.2 and TAXII 1.1 versions.

        ‘Structured Threat Information _expression_’ (‘STIX 1.2’) and ‘Trusted Automated Exchange of Indicator Information’ (‘TAXII 1.1’) developed by the Organization for the Advancement of Structured Information Standards (‘OASIS’).

How would we get STIX 2.0 and TAXII 2.0 added to this? Anyone have any ideas? Or does it matter? Anyone have insights?


-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security

"Things may come to those who wait, but only the things left by those who hustle." - Unknown




From:        Chet Ensign <chet.ensign@oasis-open.org>
To:        Carol Cosgrove-Sacks <carol.cosgrove-sacks@oasis-open.org>
Cc:        OASIS CTI TC Discussion List <cti@lists.oasis-open.org>
Date:        01/09/2018 03:59 PM
Subject:        Re: [cti] EUROPE adopts STIX and TAXII
Sent by:        <cti@lists.oasis-open.org>

---

Let me add my congratulations folks. You've worked hard these past years. Seeing you get this recognition is a great start to 2018! 

Good work! 

/chet

On Tue, Jan 9, 2018 at 2:56 PM, Carol Cosgrove-Sacks <carol.cosgrove-sacks@oasis-open.org> wrote:
Dear Members of the CTI TC,

I have just been informed  that the EU has made a formal Decision to recognize the use of STIX 1.2 and TAXII 1.1 for use in public procurement.


Please see Commission Implementing Decision (EU) 2017/2288 of 11 December 2017:  http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1515520575463&uri=CELEX:32017D2288

Congratulations! This Decision covers all 28 EU countries and is also applied by the 4 EFTA countries.*

I am delighted that your excellent work has received such high level recognition.

Dr Carol Cosgrove-Sacks
Senior Advisor on International Standards Policy
OASIS

 

*(EU: Austria, Belgium,  Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland,  France, Germany, Greece, Hungary, Ireland,  Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and United Kingdom;

EFTA: Iceland, Liechtenstein, Norway and Switzerland.)

--




--

/chet 
----------------
Chet Ensign
Director of Standards Development and TC Administration 
OASIS: Advancing open standards for the information society
http://www.oasis-open.org

Primary: +1 973-996-2298
Mobile: +1 201-341-1393