OASIS Charter Submission Discuss

Dear All We are interested to support the charter for Threat Actor Context as discussed with Jane some time ago. But we had some clear objectives but it seems to not be included in the charter such as: - Bridging and supporting existing open source Threat Actor Repository initiatives such as MITRE ATT&CK, MISP Galaxy and others - Helping open source communities to strengthen their repositories and reuse/cross-reference existing initiatives - Ensuring the ability to reference Threat Actor Context between standards (not only STIX but others too) Let me know how we should proceed. Thanks a lot. Cheers -- Alexandre Dulaunoy CIRCL - Computer Incident Response Center Luxembourg 16, bd d'Avranches L-1160 Luxembourg info@circl.lu - www.circl.lu - (+352) 247 88444

Alexandre: All good objectives. We are planning another working session next week to address comments. We'll enter these into the log and make sure they are incorporated into the next version. Join if you can. Ryan, Anuj, I will defer to your judgement on where we insert responses to these comments. Jane On Oct 10, 2019, at 6:17 AM, Alexandre Dulaunoy < alexandre.dulaunoy@x.circl.lu > wrote: Dear All We are interested to support the charter for Threat Actor Context as discussed with Jane some time ago. But we had some clear objectives but it seems to not be included in the charter such as: - Bridging and supporting existing open source Threat Actor Repository initiatives such as MITRE ATT&CK, MISP Galaxy and others - Helping open source communities to strengthen their repositories and reuse/cross-reference existing initiatives - Ensuring the ability to reference Threat Actor Context between standards (not only STIX but others too) Let me know how we should proceed. Thanks a lot. Cheers