
Subject: RE: [cti] STIX Best Practice Guide



I believe that greater alignment of CTI STIX and SBOM taxonomy, semantics and data content standards would be beneficial to parties in the Energy industry that are performing software supply chain risk assessments to protect the Bulk Electric System from cyberattack. The ability to quickly and accurately identify vulnerabilities for a specific software product, as defined by its SBOM content, would greatly improve risk-based decisions to install/not install a software object based on a trustworthiness score. Today's vulnerability search results contain far too many false positives, resulting in a poor signal/noise ratio. These results could improve dramatically by aligning SBOM and STIX data and content model standards.



From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> On Behalf Of Rich Piazza
Sent: Monday, November 30, 2020 10:56 AM
To: cti@lists.oasis-open.org
Subject: [cti] STIX Best Practice Guide


DHS has asked MITRE to organize the writing of a best practice guide for STIX. We have some basic ideas, but were hoping for some input from the community. In many calls, emails and in Slack, members of the TC would often say something like "that's a data quality issue", or "producers should follow certain guidelines when creating this content (e.g., naming labels)". Those are among the kind of things this document would capture.


DHS sees this document as a possible OASIS CTI TC note, so all content would be intellectual property of OASIS and the TC. As a Google document, anyone on the TC can contribute.


Here is an outline MITRE put together. It is just a "strawman". The way to organize the document is open to discussion.

The subsections are possible topics for best practices that we thought of.


Any suggestions would be welcome 😊


Rich P.



Rich Piazza

Lead Cyber Security Engineer

The MITRE Corporation
