DHS has asked MITRE to organize the writing of a best practice guide for STIX. We have some basic ideas, but were hoping for some input from the community. In many calls, emails and in Slack
â members of the TC would often say something like â âthatâs a data quality issueâ, or âproducers should follow certain guidelines when creating this content (e.g., naming labels)â. Those are among the kind of things this document would capture.
DHS sees this document as a possible OASIS CTI TC note, so all content would be intellectual property of OASIS and the TC. As a google document, anyone on the TC can contribute.
Here is an outline MITRE put together. It is just a âstrawmanâ. The way to organize the document is open to discussion.
The subsections are possible topics for best practices that we thought of.
Any suggestions would be welcome 😊
Rich P.
--
Rich Piazza
Lead Cyber Security Engineer
The MITRE Corporation
781-271-3760
