Re: [cti] RE: [EXT] Re: [cti] Need to integrate MAEC and STIX into single report

[JG on CTI-TC <jg@ctin.us>]

Subodh:

Below is a really good link to Bookmark.  In it, you'll see links to the final, and working documents.

https://docs.google.com/document/d/1yvqWaPPnPW-2NiVCLqzRszcx91ffMowfT5MmE9Nsy_w/edit#heading=h.8bbhgdisbmt

You'll find the flushed out Malware object for STIX 2.1 Here:

https://docs.google.com/document/d/1bkMmU1PxlwlAwjrMmyWV147rvLcRs2x62FicHbpH2gU/edit#heading=h.cabdb5lryb9q

Also, from the OASIS CTI TC website you'll see a link to the Wiki.  We are trying to keep resources and tool links up there, too.

Jane

On 4/16/2018 1:42 PM, Kumar, Subodh wrote:

Thank Bret! I was expecting that based on the 2.1 work scope that I had read. My apologies, but I could not get to the 2.1 document. Can you point me there? I would like to minimize the customization, while keeping this as a mechanism to always extend STIX model.

 

Subodh Kumar │ Executive Director |  Technology │ Cybersecurity & Technology Controls │ J.P. Morgan Chase & Co. │ 575 Washington Boulevard, Jersey City, NJ, 07310 │ T: +1 201 595 7299 │ subodh.kumar@jpmorgan.com

 

From: Bret Jordan [mailtoBret_Jordan@symantec.com]
Sent: Monday, April 16, 2018 4:36 PM
To: Kumar, Subodh <subodh.kumar@jpmorgan.com>; cti@lists.oasis-open.org
Subject: Re: [EXT] Re: [cti] Need to integrate MAEC and STIX into single report

 

Subodh,

 

You should look at the changes we have made to the STIX 2.1 Malware object. I think this should get you more than 80-90% of the way.

 

Bret

---

-- 
Jane Ginn, MSIA, MRP
CTI TC Secretary, OASIS
Co-Founder of Cyber Threat Intelligence Network, Inc.
jg@ctin.us