CTI STIX Subcommittee

  • 1.  MTI Evaluation Criteria

    Posted 10-18-2015 22:29
      |   view attached
    Hi STIX Subcommittee Members: I've been reading with great interest the ongoing debate about establishing a Mandatory To Implement (MTI) binding for moving us forward on STIX 2.0. Before Sean suggested that we table it for a while he had made the point that we need to take 4 keys steps to move discussions forward in a systematic way. I'll paraphrase here.  We need to establish: 1)  Requirements and evaluation criteria for selecting an MTI binding; 2) Binding options (capabilities & limitations); 3) A review process to determine how each option would/could meet our evaluation criteria; and 4) A way to guage the priorities and preferences of our members. To advance this agenda I have begun to put together a matrix (see attached) to capture the following: HORIZONTAL AXIS: Evaluation criteria gleaned from the substantive discussions. [Item 1, above] VERTICAL AXIS: Technology stack as characterized by Sean, Cory, Shawn and others. [Refinement to Item 1, above] MATRIX CELLS: Candidate technologies that I have heard mentioned by members of the TC and other interested parties. [Item 2, above] Note that this is just a first cut. I'm offering it here as a potential framework (straw man) for advancing these discussions in a manner that will help us reach a concensus sooner, rather than later. I challenge those of you with an interest in this matter to edit this matrix liberally to help make it really reflect group think. Perhaps it should be added to the wiki for that; which might address Item 3, above. Note that I also acknowledge that any MTI selected for STIX must also accommodate the needs of CybOX. A similar sort of matrix could be constructed for that MTI selection process, if needed. To address Item 4 I'd like to suggest a Survey Monkey survey that captures some of the ideas that get flushed out in the matrix and gives us a quantitative guage of member preferences. All for now, Jane Ginn, MSIA, MRP Cyber Threat Intelligence Network, Inc. jg@ctin.us Attachment: STIX_MTI_EvalCriteria1.xlsx Description: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

    Attachment(s)



  • 2.  Re: [cti-stix] MTI Evaluation Criteria

    Posted 10-19-2015 15:33
    Thank you very much Jane for this effort and sharing information. 2015-10-19 1:29 GMT+03:00 Jane Ginn - jg@ctin.us <jg@ctin.us>: > Hi STIX Subcommittee Members: > > I've been reading with great interest the ongoing debate about establishing > a Mandatory To Implement (MTI) binding for moving us forward on STIX 2.0. > > Before Sean suggested that we table it for a while he had made the point > that we need to take 4 keys steps to move discussions forward in a > systematic way. I'll paraphrase here. > > We need to establish: > > 1) Requirements and evaluation criteria for selecting an MTI binding; > > 2) Binding options (capabilities & limitations); > > 3) A review process to determine how each option would/could meet our > evaluation criteria; and > > 4) A way to guage the priorities and preferences of our members. > > To advance this agenda I have begun to put together a matrix (see attached) > to capture the following: > > HORIZONTAL AXIS: Evaluation criteria gleaned from the substantive > discussions. [Item 1, above] > > VERTICAL AXIS: Technology stack as characterized by Sean, Cory, Shawn and > others. [Refinement to Item 1, above] > > MATRIX CELLS: Candidate technologies that I have heard mentioned by members > of the TC and other interested parties. [Item 2, above] > > Note that this is just a first cut. I'm offering it here as a potential > framework (straw man) for advancing these discussions in a manner that will > help us reach a concensus sooner, rather than later. I challenge those of > you with an interest in this matter to edit this matrix liberally to help > make it really reflect group think. Perhaps it should be added to the wiki > for that; which might address Item 3, above. > > Note that I also acknowledge that any MTI selected for STIX must also > accommodate the needs of CybOX. A similar sort of matrix could be > constructed for that MTI selection process, if needed. > > To address Item 4 I'd like to suggest a Survey Monkey survey that captures > some of the ideas that get flushed out in the matrix and gives us a > quantitative guage of member preferences. > > All for now, > > Jane Ginn, MSIA, MRP > Cyber Threat Intelligence Network, Inc. > jg@ctin.us > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


  • 3.  Re: [cti-stix] MTI Evaluation Criteria

    Posted 10-24-2015 19:41
      |   view attached
    Jerome & All: Attached is the MTI Evaluation Criteria Matrix I was referring to in the previous post. Corrections, adjustments, revisions welcome. Jane Ginn CTIN On 10/19/2015 8:33 AM, Jerome Athias wrote: > Thank you very much Jane for this effort and sharing information. > > > 2015-10-19 1:29 GMT+03:00 Jane Ginn - jg@ctin.us <jg@ctin.us>: >> Hi STIX Subcommittee Members: >> >> I've been reading with great interest the ongoing debate about establishing >> a Mandatory To Implement (MTI) binding for moving us forward on STIX 2.0. >> >> Before Sean suggested that we table it for a while he had made the point >> that we need to take 4 keys steps to move discussions forward in a >> systematic way. I'll paraphrase here. >> >> We need to establish: >> >> 1) Requirements and evaluation criteria for selecting an MTI binding; >> >> 2) Binding options (capabilities & limitations); >> >> 3) A review process to determine how each option would/could meet our >> evaluation criteria; and >> >> 4) A way to guage the priorities and preferences of our members. >> >> To advance this agenda I have begun to put together a matrix (see attached) >> to capture the following: >> >> HORIZONTAL AXIS: Evaluation criteria gleaned from the substantive >> discussions. [Item 1, above] >> >> VERTICAL AXIS: Technology stack as characterized by Sean, Cory, Shawn and >> others. [Refinement to Item 1, above] >> >> MATRIX CELLS: Candidate technologies that I have heard mentioned by members >> of the TC and other interested parties. [Item 2, above] >> >> Note that this is just a first cut. I'm offering it here as a potential >> framework (straw man) for advancing these discussions in a manner that will >> help us reach a concensus sooner, rather than later. I challenge those of >> you with an interest in this matter to edit this matrix liberally to help >> make it really reflect group think. Perhaps it should be added to the wiki >> for that; which might address Item 3, above. >> >> Note that I also acknowledge that any MTI selected for STIX must also >> accommodate the needs of CybOX. A similar sort of matrix could be >> constructed for that MTI selection process, if needed. >> >> To address Item 4 I'd like to suggest a Survey Monkey survey that captures >> some of the ideas that get flushed out in the matrix and gives us a >> quantitative guage of member preferences. >> >> All for now, >> >> Jane Ginn, MSIA, MRP >> Cyber Threat Intelligence Network, Inc. >> jg@ctin.us >> >> Attachment: STIX_MTI_EvalCriteria2.xlsx Description: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

    Attachment(s)



  • 4.  Re: [cti-stix] MTI Evaluation Criteria

    Posted 10-29-2015 18:38
    A kind reminder for the pro JSON or others that without proper answers to
    the requirements we should not be able to go further
    (Maybe a PRD document would help)

    On Saturday, 24 October 2015, JG on CTI-TC <jg@ctin.us> wrote:

    > Jerome & All:
    >
    > Attached is the MTI Evaluation Criteria Matrix I was referring to in the
    > previous post. Corrections, adjustments, revisions welcome.
    >
    > Jane Ginn
    > CTIN
    >
    > On 10/19/2015 8:33 AM, Jerome Athias wrote:
    > > Thank you very much Jane for this effort and sharing information.
    > >
    > >
    > > 2015-10-19 1:29 GMT+03:00 Jane Ginn - jg@ctin.us <javascript:;> <
    > jg@ctin.us <javascript:;>>:
    > >> Hi STIX Subcommittee Members:
    > >>
    > >> I've been reading with great interest the ongoing debate about
    > establishing
    > >> a Mandatory To Implement (MTI) binding for moving us forward on STIX
    > 2.0.
    > >>
    > >> Before Sean suggested that we table it for a while he had made the point
    > >> that we need to take 4 keys steps to move discussions forward in a
    > >> systematic way. I'll paraphrase here.
    > >>
    > >> We need to establish:
    > >>
    > >> 1) Requirements and evaluation criteria for selecting an MTI binding;
    > >>
    > >> 2) Binding options (capabilities & limitations);
    > >>
    > >> 3) A review process to determine how each option would/could meet our
    > >> evaluation criteria; and
    > >>
    > >> 4) A way to guage the priorities and preferences of our members.
    > >>
    > >> To advance this agenda I have begun to put together a matrix (see
    > attached)
    > >> to capture the following:
    > >>
    > >> HORIZONTAL AXIS: Evaluation criteria gleaned from the substantive
    > >> discussions. [Item 1, above]
    > >>
    > >> VERTICAL AXIS: Technology stack as characterized by Sean, Cory, Shawn
    > and
    > >> others. [Refinement to Item 1, above]
    > >>
    > >> MATRIX CELLS: Candidate technologies that I have heard mentioned by
    > members
    > >> of the TC and other interested parties. [Item 2, above]
    > >>
    > >> Note that this is just a first cut. I'm offering it here as a potential
    > >> framework (straw man) for advancing these discussions in a manner that
    > will
    > >> help us reach a concensus sooner, rather than later. I challenge those
    > of
    > >> you with an interest in this matter to edit this matrix liberally to
    > help
    > >> make it really reflect group think. Perhaps it should be added to the
    > wiki
    > >> for that; which might address Item 3, above.
    > >>
    > >> Note that I also acknowledge that any MTI selected for STIX must also
    > >> accommodate the needs of CybOX. A similar sort of matrix could be
    > >> constructed for that MTI selection process, if needed.
    > >>
    > >> To address Item 4 I'd like to suggest a Survey Monkey survey that
    > captures
    > >> some of the ideas that get flushed out in the matrix and gives us a
    > >> quantitative guage of member preferences.
    > >>
    > >> All for now,
    > >>
    > >> Jane Ginn, MSIA, MRP
    > >> Cyber Threat Intelligence Network, Inc.
    > >> jg@ctin.us <javascript:;>
    > >>
    > >>
    >
    >
    >
    >



  • 5.  Re: [cti-stix] MTI Evaluation Criteria

    Posted 10-29-2015 18:38
    A kind reminder for the pro JSON or others t hat without proper answers to the requirements we should not be able to go further (Maybe a PRD document would help) On Saturday, 24 October 2015, JG on CTI-TC < jg@ctin.us > wrote: Jerome & All: Attached is the MTI Evaluation Criteria Matrix I was referring to in the previous post.  Corrections, adjustments, revisions welcome. Jane Ginn CTIN On 10/19/2015 8:33 AM, Jerome Athias wrote: > Thank you very much Jane for this effort and sharing information. > > > 2015-10-19 1:29 GMT+03:00 Jane Ginn - jg@ctin.us < jg@ctin.us >: >> Hi STIX Subcommittee Members: >> >> I've been reading with great interest the ongoing debate about establishing >> a Mandatory To Implement (MTI) binding for moving us forward on STIX 2.0. >> >> Before Sean suggested that we table it for a while he had made the point >> that we need to take 4 keys steps to move discussions forward in a >> systematic way. I'll paraphrase here. >> >> We need to establish: >> >> 1)  Requirements and evaluation criteria for selecting an MTI binding; >> >> 2) Binding options (capabilities & limitations); >> >> 3) A review process to determine how each option would/could meet our >> evaluation criteria; and >> >> 4) A way to guage the priorities and preferences of our members. >> >> To advance this agenda I have begun to put together a matrix (see attached) >> to capture the following: >> >> HORIZONTAL AXIS: Evaluation criteria gleaned from the substantive >> discussions. [Item 1, above] >> >> VERTICAL AXIS: Technology stack as characterized by Sean, Cory, Shawn and >> others. [Refinement to Item 1, above] >> >> MATRIX CELLS: Candidate technologies that I have heard mentioned by members >> of the TC and other interested parties. [Item 2, above] >> >> Note that this is just a first cut. I'm offering it here as a potential >> framework (straw man) for advancing these discussions in a manner that will >> help us reach a concensus sooner, rather than later. I challenge those of >> you with an interest in this matter to edit this matrix liberally to help >> make it really reflect group think. Perhaps it should be added to the wiki >> for that; which might address Item 3, above. >> >> Note that I also acknowledge that any MTI selected for STIX must also >> accommodate the needs of CybOX. A similar sort of matrix could be >> constructed for that MTI selection process, if needed. >> >> To address Item 4 I'd like to suggest a Survey Monkey survey that captures >> some of the ideas that get flushed out in the matrix and gives us a >> quantitative guage of member preferences. >> >> All for now, >> >> Jane Ginn, MSIA, MRP >> Cyber Threat Intelligence Network, Inc. >> jg@ctin.us >> >>