Re: [oasis-charter-discuss] Re: [EXT] [oasis-charter-discuss] Notes from SARIF convener call 31 July 2017

[Chet Ensign <chet.ensign@oasis-open.org>]

Hi folks, 

Well, you all got that sorted out. I just want to quickly add that if, at any time, you think a conversation to explore touch points & possible areas of alignment would be useful, staff is happy to organize it for you. 

Best, 

/chet

On Tue, Aug 1, 2017 at 11:26 AM, Trey Darley <trey@newcontext.com> wrote:

On 01.08.2017 15:14:08, Trey Darley wrote:
>
> Indeed. We've been working with DC3 on incorporating MWCP [1] into
> the STIX Malware data model. Not to suggest that MWCP addresses all
> of the static analysis metadata that the proposed SARIF TC intends
> to develop a standard for but there's clearly significant overlap
> between our respective efforts.
>

Hey, y'all -

Apparently I'm not firing on all cylinders today. Ivan Kirillov just
pointed out that SARIF is intended to address static source code
analysis, not static analysis of malware binaries. These are clearly
very different things.

I retract my previous comments and apologize for the spurious mail
traffic. ¯\_(ツ)_/¯

--
Cheers,
Trey
++--------------------------------------------------------------------------++
Director of Standards Development, New Context
gpg fingerprint: 3918 9D7E 50F5 088F 823F  018A 831A 270A 6C4F C338
++--------------------------------------------------------------------------++
--
"With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going to
land, and it could be dangerous sitting under them as they fly
overhead." --RFC 1925

--

/chet 
----------------
Chet Ensign
Director of Standards Development and TC Administration 
OASIS: Advancing open standards for the information society
http://www.oasis-open.org

Primary: +1 973-996-2298
Mobile: +1 201-341-1393