OASIS Cyber Threat Intelligence (CTI) TC

 View Only

  • 1.  Additional relationships on process, file, and windows-registry-key SCOs

    Posted 02-14-2020 22:31
    As our product teams have started playing with STIX 2.1, they have requested additional relationships between SCOs.  I filed GitHub issues to cover these requests. windows-registry-key https://github.com/oasis-tcs/cti-stix2/issues/225 file https://github.com/oasis-tcs/cti-stix2/issues/224 process https://github.com/oasis-tcs/cti-stix2/issues/222 They are straight-forward and there is precedence for this in the Domain SCO. Since we have to have another CSD anyway, would it be possible to add these in now? Thanks, Emily Ratliff STSM, Security Architect IBM Security


  • 2.  Re: [cti] Additional relationships on process, file, and windows-registry-key SCOs

    Posted 02-14-2020 22:55
    I think this is very reasonable. We knew we were going to need to add them, but we decided to add them as they were requested. I think this is something we could easily just do on Tuesday. If you have any concerns or objections, please respond to this email or let me know off line. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." On Fri, Feb 14, 2020 at 3:31 PM Emily Ratliff < Emily.Ratliff@ibm.com > wrote: As our product teams have started playing with STIX 2.1, they have requested additional relationships between SCOs. I filed GitHub issues to cover these requests. windows-registry-key https://github.com/oasis-tcs/cti-stix2/issues/225 file https://github.com/oasis-tcs/cti-stix2/issues/224 process https://github.com/oasis-tcs/cti-stix2/issues/222 They are straight-forward and there is precedence for this in the Domain SCO. Since we have to have another CSD anyway, would it be possible to add these in now? Thanks, Emily Ratliff STSM, Security Architect IBM Security


  • 3.  Re: [cti] Additional relationships on process, file, and windows-registry-key SCOs

    Posted 02-16-2020 00:27
    Emily: These proposed relationships make a lot of sense. Jane On 2/14/2020 3:54 PM, Bret Jordan wrote: I think this is very reasonable. We knew we were going to need to add them, but we decided to add them as they were requested. I think this is something we could easily just do on Tuesday. If you have any concerns or objections, please respond to this email or let me know off line. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg. On Fri, Feb 14, 2020 at 3:31 PM Emily Ratliff < Emily.Ratliff@ibm.com > wrote: As our product teams have started playing with STIX 2.1, they have requested additional relationships between SCOs. I filed GitHub issues to cover these requests. windows-registry-key https://github.com/oasis-tcs/cti-stix2/issues/225 file https://github.com/oasis-tcs/cti-stix2/issues/224 process https://github.com/oasis-tcs/cti-stix2/issues/222 They are straight-forward and there is precedence for this in the Domain SCO. Since we have to have another CSD anyway, would it be possible to add these in now? Thanks, Emily Ratliff STSM, Security Architect IBM Security -- ************************* R. Jane Ginn, MSIA, MRP Secretary OASIS CTI TC & TAC TC jg@ctin.us + 001 (928) 399-0509 *************************


Related Content