Re: [cti] Is there a user forum for STIX best practices?

[Bret Jordan <bret.jordan@broadcom.com>]

There is a CTI-users list hosted by OASIS that is open to anyone. 

Bret 

Sent from my Commodore 64

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

On Jul 19, 2020, at 9:04 AM, Dick Brooks <dick@reliableenergyanalytics.com> wrote:

ï

Hello Everyone,

 

                Thanks for providing insights to this STIX newbie, but I suspect this is not the proper forum to STIX/TAXII best practices for reporting and inquiry.

 

                Iâve done some searching and found some STIX discussions under  IBMâs support forums, but I was wondering if there is a generic STIX/TAXII user forum that I could ask my questions and discuss some pattern ideas, e.g. best way to communicate an SBOM within an attack pattern, best way to communicate a risk assessment containing detected vulnerabilities.

 

Does anyone have recommendations on where I can discuss STIX/TAXII best practices, so that I donât clutter this list?

 

Thanks,

 

Dick Brooks

<image001.jpg>

Never trust software, always verify and report! â

http://www.reliableenergyanalytics.com

Email: dick@reliableenergyanalytics.com

Tel: +1 978-696-1788

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature