Communications of the ACM
Cyber Threat Info Sharing Made Easier
The next iteration of the Structured Threat Information eXchange (STIX), a machine-to-machine cyberthreat information-sharing language, is nearing completion.
Credit: OASIS Cyber Threat Intelligence
The next iteration of the Structured Threat Information eXchange (STIX), a machine-to-machine cyberthreat information-sharing language, is nearing completion.
STIX was designed by the U.S. Department of Homeland Security to facilitate information sharing between industry, critical infrastructure operators, and government in order to thwart cyberattacks.
Participants in the information-sharing program connect to a common platform called Trusted Automated eXchange of Indicator Information to exchange threat information.
The goal is that a more effective machine-to-machine threat information-sharing language will speed its adoption across industry.
MITRE's John Wunder notes STIX 2.0 focuses on simplicity and standardization, with fewer options and more requirements than the first iteration.
Work on STIX 2.1 already has started and will address some areas that were differentiated in order to build out the basic framework, including response features such as an incident and event object, more in-depth modeling of malware and infrastructure, and feedback mechanisms.
From Government Computer News
View Full Article
Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA
No entries found