Presentation is loading. Please wait.

Presentation is loading. Please wait.

CTI STIX SC Monthly Meeting www.oasis-open.org August 19, 2015.

Published byMillicent Pitts Modified over 9 years ago

Similar presentations

Presentation on theme: "CTI STIX SC Monthly Meeting www.oasis-open.org August 19, 2015."— Presentation transcript:

1 CTI STIX SC Monthly Meeting www.oasis-open.org August 19, 2015

2 www.oasis-open.org Agenda n Work progress status l Update on STIX 1.2.1 specs n Discuss ideas for HOW we do work n The need for use cases

3 STIX 1.2.1 specification status n Worked with OASIS folks and now have OASIS document templates for all parts of STIX language specs n In process of migrating spec content from pre-OASIS form into the templates l Work being done by MITRE people who edited the original pre-OASIS documents l Drafts for Overview and Core documents are mostly done n Working through editing, formatting, policy details with OASIS l Estimate it will only take a few hours per document n Should have all existing documents migrated to OASIS drafts within 1.5-2.5 weeks n STIX Version 1.2.1 Part 1: Overview. [URI – added during publication] n STIX Version 1.2.1 Part 2: Common. [URI] n STIX Version 1.2.1 Part 3: Core. (this document) n STIX Version 1.2.1 Part 4: Indicator. [URI] n STIX Version 1.2.1 Part 5: TTP. [URI] n STIX Version 1.2.1 Part 6: Incident. [URI] n STIX Version 1.2.1 Part 7: Threat Actor. [URI] n STIX Version 1.2.1 Part 8: Campaign. [URI] n STIX Version 1.2.1 Part 9: Course of Action. [URI] n STIX Version 1.2.1 Part 10: Exploit Target. [URI] n STIX Version 1.2.1 Part 11: Report. [URI] n STIX Version 1.2.1 Part 12: Extensions. [URI] n STIX Version 1.2.1 Part 13: Data Marking. [URI] n STIX Version 1.2.1 Part 14: Vocabularies. [URI] n STIX Version 1.2.1 Part 15: UML Model. [URI] n XML schemas: (list file names or directory name) [URI]

4 STIX Tools Update n OpenIOC->STIX tool update was released to support STIX 1.2 n STIX2HTML is in process of update for STIX 1.2 n STIXviz is almost ready for its STIX 1.2 release

5 Ideas for HOW we do work Leveraging github n Issue trackers n Wikis n Will likely need to being thinking of the “specs” repository as primary area for STIX language l Should eventually move over appropriate tracker issues from “schemas” repository n Ideas for how else we could be leveraging github?

6 Ideas for HOW we do work Other ideas for technical enablers? n Does anyone have any other ideas for gaps/solutions of technical enablers for our work? l Discuss exploration into collaboration tools n SC co-chairs are discussing potential options n Interested in input/feedback on requirements and options l Options for managing meetings better?

7 Ideas for HOW we do work Official STIX SC Secretary? n What do people think of the idea of having an official STIX SC Secretary to organize and coordinate SC activities?

8 Ideas for HOW we do work Discussion of STIX SC work processes n Don’t want to rehash the email from the co-chairs sent on 8/1 l Do need to emphasize that under formal governance our work will need to be open, deliberative, ordered and tracked. n Encourage ideas and discussion but caution that consensus and decisions will need to follow process. l Please keep talking. :-) n Encourage contributions beyond just thoughts l As work product efforts are stood up, editors will be needed l Contributions of use cases, conceptual models, schema structures, normative or informative language suggestions, test data, etc. will be invaluable to collaborative progression n MITRE folks will continue to be involved but we will need a broader base of active contributors going forward

9 The need for use cases n The need for Use Cases has been repeatedly raised l Use cases have always been driving STIX/TAXII/CybOX but they have not been explicitly codified n Under formal governance we need to do this l This topic is being discussed across the SCs at the TC level not just for STIX l We need to capture comprehensive set of use cases for STIX n Suggestion: Initial capture and evolution in a github wiki n Suggestion: Identifying a volunteer to help coordinate this activity

Download ppt "CTI STIX SC Monthly Meeting www.oasis-open.org August 19, 2015."

Similar presentations

FpML Versioning An AWG Discusion Document. Namespace URIs & Versions An XML parser locates the schema for a document based on its namespace URI To be.

FpML Versioning An AWG Discusion Document. Namespace URIs & Versions An XML parser locates the schema for a document based on its namespace URI To be.
ATC Conference Call January 10, 2008 Thank you for joining the call. We will start the call shortly. Please enter * 6 to mute your line and # 6 to unmute.

ATC Conference Call January 10, 2008 Thank you for joining the call. We will start the call shortly. Please enter * 6 to mute your line and # 6 to unmute.
Jan 28, 2009CFS-GBL meeting 1 PM report Jan 28, 2009: Reviews –AAP –PAC (May 9 and 10, 2009) Meetings –TILC09 FALC –Madrid, Jan 19, 2009.

Jan 28, 2009CFS-GBL meeting 1 PM report Jan 28, 2009: Reviews –AAP –PAC (May 9 and 10, 2009) Meetings –TILC09 FALC –Madrid, Jan 19, 2009.
Sponsored by the Office of the Under Secretary of Defense for Personnel and Readiness (OUSD P&R) Experience API (xAPI) Update Andy Johnson Contractor with.

Sponsored by the Office of the Under Secretary of Defense for Personnel and Readiness (OUSD P&R) Experience API (xAPI) Update Andy Johnson Contractor with.
Feb. 2, 2004CS 509 - WPI1 CS 509 Design of Software Systems Lecture #3 Monday, Feb. 2, 2004.

Feb. 2, 2004CS WPI1 CS 509 Design of Software Systems Lecture #3 Monday, Feb. 2, 2004.
1 SHAREPOINT FOR PROJECT MANAGEMENT COLLABORATION Gerry Brimacombe Sector Learning Solutions Inc. www.sectorlearning.com.

1 SHAREPOINT FOR PROJECT MANAGEMENT COLLABORATION Gerry Brimacombe Sector Learning Solutions Inc.
OASIS document rules Nigel Shaw Eurostep Limited.

OASIS document rules Nigel Shaw Eurostep Limited.
RDA Data Foundation and Terminology (DFT) IG: Introduction Prepared for RDA Plenary San Diego, March 9, 2015 Gary Berg-Cross, Raphael Ritz, Co-Chairs DFT.

RDA Data Foundation and Terminology (DFT) IG: Introduction Prepared for RDA Plenary San Diego, March 9, 2015 Gary Berg-Cross, Raphael Ritz, Co-Chairs DFT.
How an idea becomes an IEC standard Gary Johnson Chairman IEC SC45A

How an idea becomes an IEC standard Gary Johnson Chairman IEC SC45A
Welcome We’re Mark and Bret; This is the TAXII SC.

Welcome We’re Mark and Bret; This is the TAXII SC.
08.16.08Open-Source and Cyberculture | VID 20081 ViewSource: Reflective Open-Source Software Corinna Bath Jelena Karanovic Morgan Ames Stéphane Couture.

Open-Source and Cyberculture | VID ViewSource: Reflective Open-Source Software Corinna Bath Jelena Karanovic Morgan Ames Stéphane Couture.
Proposed TC Issues Process Martin Chapman. Purpose An issues driven process helps to 1.Untangle un-conflate problems 2.Narrow focus to solving particular.

Proposed TC Issues Process Martin Chapman. Purpose An issues driven process helps to 1.Untangle un-conflate problems 2.Narrow focus to solving particular.
CTI STIX SC Kickoff Meeting www.oasis-open.org July 16, 2015.

CTI STIX SC Kickoff Meeting July 16, 2015.
OData Technical Committee Kick-off July 26, 2012.

OData Technical Committee Kick-off July 26, 2012.
RDA Data Foundation and Terminology (DFT) IG: Introduction Prepared for RDA Plenary San Diego, March 9, 2015 Gary Berg-Cross, Raphael Ritz, Co-Chairs DFT.

RDA Data Foundation and Terminology (DFT) IG: Introduction Prepared for RDA Plenary San Diego, March 9, 2015 Gary Berg-Cross, Raphael Ritz, Co-Chairs DFT.
ISO TC 184/SC4 1/12 Opening Plenary: QC Report Thomas L. Warren Technical Writing Program Ok.State U.

ISO TC 184/SC4 1/12 Opening Plenary: QC Report Thomas L. Warren Technical Writing Program Ok.State U.
Differences and similarities with informal and formal reports

Differences and similarities with informal and formal reports
Copyright © 2004 by The Web Services Interoperability Organization (WS-I). All Rights Reserved 1 Interoperability: Ensuring the Success of Web Services.

Copyright © 2004 by The Web Services Interoperability Organization (WS-I). All Rights Reserved 1 Interoperability: Ensuring the Success of Web Services.
U.S. Department of the Interior U.S. Geological Survey Richard Huffine September 15, 2009 Council for Data Integration Planning Team Summary.

U.S. Department of the Interior U.S. Geological Survey Richard Huffine September 15, 2009 Council for Data Integration Planning Team Summary.
Module 6: Preparing for RDA... LC RDA for Georgia Cataloging Summit Aug. 9-10, 2011.

Module 6: Preparing for RDA... LC RDA for Georgia Cataloging Summit Aug. 9-10, 2011.

Similar presentations

Ads by Google