OASIS Cyber Threat Intelligence (CTI) TC

Back to discussions

Expand all | Collapse all

December CTI TC Meeting

1. December CTI TC Meeting

0 Recommend
Alexander Foley
Posted 12-10-2015 18:43
| view attached
All, In case the automated notifications didn’t make it to you, please remember we have our December CTI TC Meeting at 9PM UTC / 4PM ET today. For those members who missed our October meeting, please if at all possible make the effort to attend today’s meeting. As a reminder, the OASIS TC Process states in section 2.4 TC Membership and Participation that voting members must remain active. Voting members who are absent from two consecutive meetings risk losing their voting rights. Thanks, Alex This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message. BEGIN:VCALENDAR PRODID:-//Microsoft Corporation//Outlook 12.0 MIMEDIR//EN VERSION:2.0 METHOD:REQUEST X-MS-OLK-FORCEINSPECTOROPEN:TRUE BEGIN:VEVENT CATEGORIES:(Calendar) Important One Time CLASS:PUBLIC CREATED:20151210T183742Z DESCRIPTION:Dear CTI,

Please join us this Thursday, November 10th from 9-10PM ETC (4-5PM ET) for our December Cyber Threat Intelligence (CTI) Te chnical Committee (TC) meeting. If you have any questions or concerns, p lease feel free to reach out to myself or Rich Struse. The agenda can be found in the OASIS Calendar and conference call details are included below .

Many thanks,

Alex Foley
CTI Secretary

....................... .......................................................................... ......................................

https://meet.mitre.org/ikirillov /487SZHT4
https://meet.mitre.org/ikirillov/487SZHT4

Join by Phone
+1 (781) 271-2020
+1 (703) 983-2020
https://dialin.mitre.org/

Conference ID: 67045566
https://dialin.mitre.org/ http://r.office.microsoft.com/r/ rlidOC10?clid=1033&p1=4&p2=1041&pc=oc&ver=4&subver=0&bld=7185&bldver=0

Agenda: Cyber Threat Intelligence (CTI) Technical Committee (TC)
Order of Business and Agenda
December 10, 2015
9-10PM UTC 4-5PM ET

Welc ome and Introduction - Rich Struse, Chair
to include Discussion of new Integrated Meeting Schedule
5 Minutes
STIX Subcomittee Report - Sean B arnum and Aharon Chernin, Co-Chairs
to include Discussion of JSON MTI B allot Results
15 Minutes
CybOX Subcommittee Report - Trey Darley and I van Kirillov, Co-Chairs
5-10 Minutes
TAXII Subcommittee Report - Mark Davidson and Bret Jordan, Co-Chairs
5-10 Minutes
Interoperability Su bcomittee Report - David Eilken and Patrick Maroney, Co-Chairs
5-10 Min utes
Face-to-Face (F2F) Planning Update - Aharon Chernin
10 Minutes
New Business and General Thoughts - Rich Struse, Chair
Remaining Time

Group: OASIS Cyber Threat Intelligence (CTI) TC
Creator: Alexander Fole y
DTEND:20151210T220000Z DTSTAMP:20151207T151601Z DTSTART:20151210T210000Z LAST-MODIFIED:20151210T183742Z LOCATION:Online Meeting ORGANIZER;CN=workgroup_mailer@lists.oasis-open.org: mailto:workgroup_mailer@ lists.oasis-open.org PRIORITY:5 SEQUENCE:0 SUMMARY;LANGUAGE=en-us:December CTI TC Meeting TRANSP:OPAQUE UID: https://www.oasis-open.org/apps/org/workgroup/cti/event.php?event_id=41 499 X-ALT-DESC;FMTTYPE=text/html:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//E N">
<HTML>
<HEAD>
<META NAME="Generator" CONTENT="MS Exchange Server ve rsion 08.00.0681.000">
<TITLE></TITLE>
</HEAD>
<BODY>


Dear CTI,


Please join us this Thursday, November 10th from 9-10PM ETC (4-5PM ET) for our December Cyber Threat Intelligence (CTI) Technical Com mittee (TC) meeting.  If you have any questions or concerns, please feel free to reach out to myself or Rich Struse.  The agenda can be found in the OASIS Calendar and conference call details are included belo w.

Many thanks,


Alex Foley

 CTI Secretary


........................................................... .......................................................................... ..

<A HREF=" https://meet.mitre.org/ikirillov /487SZHT4"> https://meet.mitre.org/ikirillov/487SZHT4 </A>

 <FO NT SIZE=2><A HREF=" https://meet.mitre.org/ikirillov/487SZHT4" ;> https://meet .mitre.org/ikirillov/487SZHT4</A>


Join by Phone

 +1 (781) 271-2020

 +1 (703) 983-2020

 <A HREF=" https://dialin.m itre.org/"> https://dialin.mitre.org/ </A>


C onference ID: 67045566

 <A HREF=" https://dialin . mitre.org/ "> https://dialin.mitre.org/ </A> <A HREF=" http://r.office.micro soft.com/r/rlidOC10?clid=1033&p1=4&p2=1041&pc=oc&ver=4&subver=0&bld=7185&b ldver=0"> http://r.office.microsoft.com/r/rlidOC10?clid=1033&p1=4&p2=1041&p c=oc&ver=4&subver=0&bld=7185&bldver=0</A>

Ag enda: Cyber Threat Intelligence (CTI) Technical Committee (TC)

 Order of Business and Agenda

 De cember 10, 2015

 9-10PM UTC 4-5PM ET

 

        Welcome and Introduction - Rich Struse, Chair

          to include Discuss ion of new Integrated Meeting Schedule

          5 Minutes

  & nbsp;      STIX Subcomittee Re port - Sean Barnum and Aharon Chernin, Co-Chairs

  &nb sp;      to include Discussion of JSON MTI Ballot Results

     &nbs p;   15 Minutes

   &nbs p;     CybOX Subcommittee Report - T rey Darley and Ivan Kirillov, Co-Chairs

   &nbsp ;     5-10 Minutes

 &nb sp;       TAXII Subcommi ttee Report - Mark Davidson and Bret Jordan, Co-Chairs

 &nbs p;       5-10 Minutes</F ONT>

         Interoperability Subcomittee Report - David Eilken and Patrick Maroney, Co-Chairs

         5-10 Minutes

     &nbsp ;   Face-to-Face (F2F) Planning Update - Aharon C hernin

         <FO NT SIZE=2>10 Minutes

      &nbs p;  New Business and General Thoughts - Rich Struse, Chair

         <FON T SIZE=2>Remaining Time


Group: OASIS Cyber Threat Intelligence (CTI) TC

 Creator: Alexande r Foley


</BODY>
</HTML> X-MICROSOFT-CDO-BUSYSTATUS:BUSY X-MICROSOFT-CDO-IMPORTANCE:1 X-MICROSOFT-CDO-INTENDEDSTATUS:BUSY X-MICROSOFT-DISALLOW-COUNTER:FALSE X-MS-OLK-ALLOWEXTERNCHECK:TRUE X-MS-OLK-CONFTYPE:0 BEGIN:VALARM TRIGGER:-PT15M ACTION:DISPLAY DESCRIPTION:Reminder END:VALARM END:VEVENT END:VCALENDAR

Attachment(s)

December CTI TC Meeting.ics 6 KB 1 version
2. RE: December CTI TC Meeting

0 Recommend
Alexander Foley
Posted 12-10-2015 20:55
For those unable to view the Lync presentations live, here are links to each of the SC updates we have so far: STIX: https://www.oasis-open.org/committees/document.php?document_id=57099&wg_abbrev=cti CybOX: https://www.oasis-open.org/committees/document.php?document_id=57097&wg_abbrev=cti InterOp : https://www.oasis-open.org/committees/document.php?document_id=57098&wg_abbrev=cti Thanks, Alex From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Foley, Alexander - GIS Sent: Thursday, December 10, 2015 1:43 PM To: cti@lists.oasis-open.org Subject: [cti] December CTI TC Meeting All, In case the automated notifications didn’t make it to you, please remember we have our December CTI TC Meeting at 9PM UTC / 4PM ET today. For those members who missed our October meeting, please if at all possible make the effort to attend today’s meeting. As a reminder, the OASIS TC Process states in section 2.4 TC Membership and Participation that voting members must remain active. Voting members who are absent from two consecutive meetings risk losing their voting rights. Thanks, Alex This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer . If you are not the intended recipient, please delete this message. This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.
3. Results from Serialization MTI Proposal

0 Recommend
Alexander Foley
Posted 12-10-2015 22:09
Dear CTI, Congratulations, we have successfully passed another ballot. As a committee we answered Yes to the question “Do you approve the adoption of a JSON/JSON Schema-based MTI representation for TAXII 2.0, STIX 2.0 and CybOX 3.0 refactoring efforts?” with: - 69 yes votes - 8 no votes - 9 abstentions IN THE FUTURE: Every ballot from here on out will be configured show detailed results listing the vote of each member and will identify commenting voters by name . Please keep this in mind in the future when voting. Since there was some confusion on this with this ballot, I have included the comments here, identifying the voters where they have indicated to me that they wish to be identified: Submitter Vote Comment Gurney, John-Mark New Context Services, Inc. Yes This is a provisional yes vote. If the standard does not come w/ schema validation, but MTI JSON, I will vote no on the standard. Anonymous Yes Schema validation is a requirement, and that any specification that does not include JSON schema validation will receive a no vote. MacDonald, Terry Soltra Yes I am voting yes to the JSON format. I am less sure about the use of JSON Schema as I'm not sure of the benefits of JSON Schema vs JSON-LD, but I do want to move ahead with some concrete progress within this SC. Burger, Eric Georgetown University Yes Kind of silly to change, but even more silly we are spending so many cycles on the argument. Just get it done by saying Yes or No. Anonymous No This convinced me that this vote is premature: If JSON wins, we will let this user group know so the vendors and groups that have been waiting can start writing code. Barnum, Sean Mitre Corporation No This NO vote is based on the timing of this ballot and not on whether or not a JSON-based serialization is likely to be an appropriate choice for MTI. As has been stated before, it looks like the community is leaning strongly towards a JSON-based MTI but there are still numerous open questions on what the requirements for an MTI serialization will be and it is premature to attempt to formalize such a decision until adequate information is available. Algeier, Scott National Council of ISACs (NCI) No I am opposed to the timing of this motion, rather than the use of JSON. I think making this decision now is premature. Anonymous No My vote will change to yes when someone answers the following questions: how will JSON be validated? how will extensions be handled? how will field level marking be done? etc. Once these questions are answered, then a Yes is appropriate (because JSON is the best answer.) But, absent having answers to these questions, a "yes" decision is premature. Anonymous Abstain While there has been voices for and against XML and JSON. There haven't been completed examples/implementations of JSON (as compared to XML) that allowed for group discussion and exploration within JSON (regardless of stylistic preferences such as pure vs LD vs other). Thanks, Alex This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.

OASIS Cyber Threat Intelligence (CTI) TC

December CTI TC Meeting

Alexander Foley12-10-2015 18:43

Alexander Foley12-10-2015 20:55

Alexander Foley12-10-2015 22:09

1. December CTI TC Meeting

2. RE: December CTI TC Meeting

3. Results from Serialization MTI Proposal

Contact Us

Membership

Privacy & Terms

OASIS Cyber Threat Intelligence (CTI) TC

December CTI TC Meeting

Alexander Foley12-10-2015 18:43

Alexander Foley12-10-2015 20:55

Alexander Foley12-10-2015 22:09

1. December CTI TC Meeting

2. RE: December CTI TC Meeting

3. Results from Serialization MTI Proposal

Related Content

December CTI TC Meeting

STIX SC Working Session

CTI TC Monthly Meeting: Session #1

October CTI TC Meeting

December CTI TC Meeting Attachments

Contact Us

Membership

Privacy & Terms