New Context is proud to announce the company’s sponsorship of OASIS in support of the continuing development of STIX, TAXII and CybOX, as cyber security standards.
Development of an industry wide standards framework for cyber threat intelligence is crucial for the information security industry to be able to define and share threats. New Context is a proud sponsor of OASIS and believes strongly in open and transparent standards frameworks development. We look forward to working with our global industry peers in developing the next standards for STIX, CybOX and TAXII.
OASIS is a nonprofit consortium that drives the development, convergence and adoption of open standards for the global information society. The organization promotes industry consensus and produces worldwide standards for security, Internet of Things, cloud computing, energy, content technologies, emergency management, and other areas.
New Context is an OASIS sponsor and takes part in the Cyber Threat Intelligence (CTI) Technical Committee
The OASIS Cyber Threat Intelligence (CTI) Technical Committee was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. In the initial phase of technical committee work, three specifications will be transitioned from the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression).
The OASIS CTI Technical Committee will:
- define composable information sharing services for peer-to-peer, hub-and-spoke, and source subscriber threat intelligence sharing models
- develop standardized representations for campaigns, threat actors, incidents, tactics techniques and procedures (TTPs), indicators, exploit targets, observables, and courses of action
- develop formal models that allow organizations to develop their own standards-based sharing architectures to meet specific needs