I have talked with a lot of vendors, part of my day-job, and when the topic of STIX comes up, everyone is interested (wish a level of caution) about automated course of actions. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg. On May 5, 2016, at 07:08, Thompson, Dean <
Dean.Thompson@anz.com > wrote: Hi!, I just thought that it would be a good idea to see what is out there and then build up a list of COA's that could be used and hopefully with enough support get vendors to be able to understand and process. It would be pretty good to build up a STIX document that provided some COA's for more detailed monitoring or alerting or automatically build a firewall rule. Regards, Dean
Original Message----- From: cti@lists.oasis-open.org [ mailto:cti@lists.oasis-open.org ] On Behalf Of Paul Patrick Sent: Thursday, 5 May 2016 11:00 PM To: Crawford, David; Thompson, Dean; ' cti@lists.oasis-open.org ' Subject: Re: [cti] RE: On TTPs and specifications We’re a member of OpenC2 and I’ve reached out to colleagues that are members to get some input. Regards, Paul Patrick On 5/5/16, 8:53 AM, cti@lists.oasis-open.org on behalf of Crawford, David < cti@lists.oasis-open.org on behalf of David.Crawford@aetna.com > wrote: The OpenC2 project ( http://openc2.org/ ) recently came to my attention and their roadmap lists STIX COA's.