OASIS Cyber Threat Intelligence (CTI) TC

  • 1.  Working call agenda 10/30/28

    Posted 10-30-2018 12:49
      |   view attached
    All,   Today on the working call we’ll be discussing the 1` option that discussed at the F2F in NYC. For those not in attendance, there was a proposal to redesign the STIX data model and make observables top level objects (known as option 1`). A second proposal was made to just modify observed data and use that instead (option 7). The two options have been modeled here: ( https://docs.google.com/document/d/1puPuKVWNSelrWH05yu9It99OuqQGdYo_Et0nmZKAZz8/edit ) for various use cases.   Please join us to  make this conversation productive and successful.   Thanks,   Sarah Kelley Lead Cybersecurity Engineer, T8B2 Defensive Operations The MITRE Corporation 703-983-6242 skelley@mitre.org  


  • 2.  Re: [EXT] [cti] Working call agenda 10/30/28

    Posted 10-30-2018 16:08
      |   view attached



    One thing that is implicit in this email is that observed data needs to change to address a lot of use cases.  


    What is being discussed is how best to do that.  Each has their pro and con.  We are also trying to ensure that we do not add a temporary fix that we have to revisit again in 6-12 months.  


    Bret 

    Sent from my Commodore 64 


    PGP
    Fingerprint:  63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050


    On Oct 30, 2018, at 6:49 AM, Kelley, Sarah E. < skelley@mitre.org > wrote:







    All,
     
    Today on the working call we ll be discussing the 1` option that discussed at the F2F in NYC. For those not in attendance, there was a proposal to redesign the STIX data model and make observables top level objects (known as option 1`).
    A second proposal was made to just modify observed data and use that instead (option 7). The two options have been modeled here: ( https://docs.google.com/document/d/1puPuKVWNSelrWH05yu9It99OuqQGdYo_Et0nmZKAZz8/edit )
    for various use cases.
     
    Please join us to  make this conversation productive and successful.

     
    Thanks,
     
    Sarah Kelley
    Lead Cybersecurity Engineer, T8B2
    Defensive Operations
    The MITRE Corporation
    703-983-6242
    skelley@mitre.org
    <image001.jpg>