Subject: Re: [openc2] Descriptive Language for Cyber Threat Hunting
Jane,

This is great work! As we discussed at today’s meeting, we should find a way to preserve it in a CN or FAQ or both.

--
Duncan Sparrell
sFractal Consulting
iPhone, iTypo, iApologize
I welcome VSRE emails. Learn more at http://vsre.info/

From: openc2@lists.oasis-open.org <openc2@lists.oasis-open.org> on behalf of JG @ OASIS <jg@ctin.us>

Mike, Duncan, Dave & All:

I took the action item of doing a first cut based on the event-based CTI we conduct during Sports-ISAO pop-up SOCs.

Importantly, in the sports domain, we have to hunt on both technical telemetry and social media disseminated influence operations threats. Therefore, our methodology uses what we call 'Deep Source Checking' to triangulate on threats as they emerge with close collaboration between the two different teams.

See attached draft language. I tried to keep it concise.

--
**********************************
R. Jane Ginn, MSIA, MRP
OASIS, TAC TC Secretary
jg@ctin.us
**********************************