[cti-users] stix - BroTestMechanismType?

Chris O'Brien

Hi all,

 

Just wondered if anyone was working on, or thinking of working on, a BroTestMechanismType for the abstracted TestMechanismType? I’m currently planning to write a paper on the topic of heuristic detection using partial threat intelligence data (somewhat of a continuation of Paul Poputa-Clean’s paper: http://pen-testing.sans.org/resources/papers/gcih/automated-defense-threat-intelligence-augment-121748) and thought that building a standard for Bro modelling might be a useful place to start.

 

Give me a shout if you’ve got any thoughts!

 

Chris

 

----------

Head of Capability Development

CERT-UK

e: [hidden email]

 

