Mark et al,
Victims/Targets as TLOs* is a gaping hole in the current CTI Model. Glad to see we are finally talking about these things in general (and hopefully soon in substance).
(*Note: along with their relations to everything else, including the missing concepts of White Hat TTPs)
Patrick Maroney
President
Integrated Networking Technologies, Inc.
Office: (856)983-0001
Cell: (609)841-5104
From: <
cti-stix@lists.oasis-open.org > on behalf of Anthony Rutkowski <
tony@yaanatech.com >
Organization: Yaana Technologies
Reply-To: Anthony Rutkowski <
tony@yaanatech.com >
Date: Monday, October 26, 2015 at 11:47 AM
To: Mark Davidson <
mdavidson@mitre.org >, "
cti-stix@lists.oasis-open.org " <
cti-stix@lists.oasis-open.org >
Subject: Re: [cti-stix] STIX 2.0 Architecture - Relationships, Sightings, and Targeting
+1
Great graphic. Helps with developing the
new constructs and significant directions
and opportunities.
--tony
On 2015-10-26 8:53 AM, Davidson II, Mark S wrote:
The architecture was touched on in a few of the earlier cti-stix discussions (Relationships, Sightings, Targeting), which IMO makes the architecture a good candidate for early discussion. I’ve thrown together a notional diagram containing
STIX 1.2 components [2] and the top level objects that have been discussed so far (please let me know if I missed yours!).
My hope is that by raising this topic we can identify dependencies, preconditions, and differences of opinion. If we need to know more about relationships before we can move forward – what are those things? As with any early stage discussion,
there will be open items that can only be resolved later on; my hope is that we can reach a common starting point.
--
________________________________
Anthony Michael Rutkowski
EVP, Industry Standards & Regulatory Affairs
tony@yaanatech.com +1 703 999 8270
________________________________
Yaana Technologies LLC
542 Gibraltar Drive
Milpitas CA 95035 USA