Which version(s) of CybOX are most commonly used in the wild?

Which version(s) of CybOX are most commonly used in the wild?

Trey Darley
Hi -

CybOX exists in 0.6, 0.6.1, 0.6.2, 0.7, 1.0, 2.0, 2.0.1, and (soon to be
released) 2.1. (Were there no intermediate releases between 1.0 and 2.0?)

I have a limited set of example indicators to work with. As the vast
majority of CybOX indicators probably never see the light of day outside
various ISACs and closed networks I could use some help.


I see that development work was halted on the 1.0 branch of python-cybox
prior to completion. (108,924 LOC! So close!) Can I conclude from this
that it's reasonable to ignore everything pre-2.0 or are there a bunch of
useful IOCs floating around out there in earlier formats?


Thanks in advance for your advice.

Cheers,
Trey
--
Trey Darley
Minister of Foreign Affairs
Brussels > Cupertino Seattle London Hong Kong Washington D.C.
Plano San Francisco Singapore Munich Paris
Splunk > because specialisation is for insects

Re: Which version(s) of CybOX are most commonly used in the wild?

Barnum, Sean D.
Hi Trey,

I would say that the large majority of existing content will currently be
in 2.0 with new content moving to 2.0.1.

sean

On 10/22/13 12:27 PM, "Trey Darley" <[hidden email]> wrote:

>Hi -
>
>CybOX exists in 0.6, 0.6.1, 0.6.2, 0.7, 1.0, 2.0, 2.0.1, and (soon to be
>released) 2.1. (Were there no intermediate releases between 1.0 and 2.0?)
>
>I have a limited set of example indicators to work with. As the vast
>majority of CybOX indicators probably never see the light of day outside
>various ISACs and closed networks I could use some help.
>
>
>I see that development work was halted on the 1.0 branch of python-cybox
>prior to completion. (108,924 LOC! So close!) Can I conclude from this
>that it's reasonable to ignore everything pre-2.0 or are there a bunch of
>useful IOCs floating around out there in earlier formats?
>
>
>Thanks in advance for your advice.
>
>Cheers,
>Trey
>--
>Trey Darley
>Minister of Foreign Affairs
>Brussels > Cupertino Seattle London Hong Kong Washington D.C.
>Plano San Francisco Singapore Munich Paris
>Splunk > because specialisation is for insects