Updated OpenIOC -> CybOX Script

Updated OpenIOC -> CybOX Script

Kirillov, Ivan A.

All,

 

I just wanted to let you know that we’ve recently pushed an updated version of the OpenIOC to CybOX translator script to our GitHub Tools repository:

 

https://github.com/CybOXProject/Tools/tree/master/scripts/openioc_to_cybox

 

It is now updated to output CybOX v2.0 and accordingly supports many more OpenIOC Indicator Items. We’ve also made a few tweaks with regard to its handling of errors and unsupported Indicator Items, along with bug fixes.

 

Look for more tool updates soon!

 

Regards,

Ivan Kirillov

MITRE


RE: Updated OpenIOC -> CybOX Script

Kirillov, Ivan A.

Small update – we’ve recently updated the script to support CybOX v2.0.1, along with the ability to create a single nested Observable rather than the previous mode of creating individual Observables for each IndicatorItem, which are then referenced in a separate “logic” Observable. This permits the encapsulation of all of the Observable Compositions, nested Observables, and Boolean logic in a single Observable, thus making the output document and its logic more analogous to the input OpenIOC document. To use this “nested mode” output, simply specify the “-e” parameter when running the script.

 

Regards,

Ivan Kirillov

MITRE

 

From: [hidden email] [mailto:[hidden email]] On Behalf Of Kirillov, Ivan A.
Sent: Friday, June 14, 2013 8:41 AM
To: cybox-discussion-list Cyber Observable Expression/CybOX Discussi
Subject: Updated OpenIOC -> CybOX Script

 

All,

 

I just wanted to let you know that we’ve recently pushed an updated version of the OpenIOC to CybOX translator script to our GitHub Tools repository:

 

https://github.com/CybOXProject/Tools/tree/master/scripts/openioc_to_cybox

 

It is now updated to output CybOX v2.0 and accordingly supports many more OpenIOC Indicator Items. We’ve also made a few tweaks with regard to its handling of errors and unsupported Indicator Items, along with bug fixes.

 

Look for more tool updates soon!

 

Regards,

Ivan Kirillov

MITRE
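
The two output layouts described in the reply above, as an added sketch that is not the translator script or any code from the CybOX project: it models Observables as plain Python dicts instead of real CybOX XML, and adds a consumer-side check that every reference in the "logic" Observable resolves. The sample IOC, the `obs-` id scheme and all function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed OpenIOC fragment (namespace omitted, all values are placeholders).
SAMPLE_IOC = """<Indicator operator="OR" id="ind-1">
  <IndicatorItem id="item-1" condition="is">
    <Context document="FileItem" search="FileItem/FileName"/>
    <Content type="string">example.exe</Content>
  </IndicatorItem>
  <Indicator operator="AND" id="ind-2">
    <IndicatorItem id="item-2" condition="contains">
      <Context document="RegistryItem" search="RegistryItem/Path"/>
      <Content type="string">ExampleKey</Content>
    </IndicatorItem>
    <IndicatorItem id="item-3" condition="is">
      <Context document="PortItem" search="PortItem/remotePort"/>
      <Content type="int">8080</Content>
    </IndicatorItem>
  </Indicator>
</Indicator>"""
ROOT = ET.fromstring(SAMPLE_IOC)

def item_observable(item):
    """Simplified stand-in for the Observable built from one IndicatorItem."""
    return {"id": "obs-" + item.get("id"), "condition": item.get("condition"),
            "search": item.find("Context").get("search"),
            "value": item.find("Content").text}

def compose(indicator, leaf):
    """Mirror an Indicator's Boolean tree as an Observable Composition."""
    kids = [leaf(c) if c.tag == "IndicatorItem" else {"composition": compose(c, leaf)}
            for c in indicator if c.tag in ("IndicatorItem", "Indicator")]
    return {"operator": indicator.get("operator"), "observables": kids}

def to_referenced(root):
    """Referenced layout: one Observable per item plus a separate logic Observable."""
    items = [item_observable(i) for i in root.iter("IndicatorItem")]
    logic = compose(root, lambda i: {"idref": "obs-" + i.get("id")})
    return items + [{"id": "obs-logic", "composition": logic}]

def to_nested(root):
    """Nested layout: a single Observable holding the items and logic inline."""
    return [{"id": "obs-" + root.get("id"), "composition": compose(root, item_observable)}]

def unresolved(observables):
    """Return idrefs that do not point at any top-level Observable."""
    def refs(node):
        if "idref" in node:
            return [node["idref"]]
        return [r for k in node.get("composition", {}).get("observables", []) for r in refs(k)]
    ids = {o["id"] for o in observables}
    return [r for o in observables for r in refs(o) if r not in ids]
```

In the referenced layout, dropping or filtering a single item Observable leaves the logic Observable pointing at nothing, which `unresolved` reports; the nested layout carries no references, so it cannot break that way.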