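Recently, because of a project, I came across some terms that have existed for a while but that I had never paid attention to, since I never had a reason to.
I made a few notes to help them stick :)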
| Term | Description |
|---|---|
| TAXII | Network protocol for threat intelligence exchange; supports secure exchange |
| STIX | XML/JSON threat intelligence file format; supports threat intelligence objects; supports analysis |
| OpenC2 | Standard command language; supports acting |
| | Threat intelligence sharing platform; supports STIX & TAXII and other popular formats |
- Generally, the STIX threat intelligence objects are analyzed first, and then OpenC2 is used to take action, e.g. mitigation/remediation...
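The analyze-then-act flow from the note above, as an added example that is not part of the original post: it reads indicators from a STIX 2.1 bundle, keeps the ones that are still valid and simple enough to translate safely, and builds an OpenC2 command for each. The bundle contents, the helper names and the choice of `deny` as the action are assumptions made for illustration.

```python
import ipaddress
import re
from datetime import datetime

def _ind(n, pattern, **extra):
    return {"type": "indicator", "id": f"indicator--00000000-0000-4000-8000-{n:012d}",
            "pattern_type": "stix", "pattern": pattern, "valid_from": "2024-01-01T00:00:00Z", **extra}

# Constructed STIX 2.1 bundle, trimmed to the fields this example reads.
BUNDLE = {"type": "bundle", "id": "bundle--00000000-0000-4000-8000-000000000000", "objects": [
    _ind(1, "[ipv4-addr:value = '198.51.100.7']"),
    _ind(2, "[domain-name:value = 'bad.example']"),
    _ind(3, "[domain-name:value = 'old.example']", valid_until="2024-02-01T00:00:00Z"),
    _ind(4, "[ipv4-addr:value = '203.0.113.9']", revoked=True),
    _ind(5, "[ipv4-addr:value = '203.0.113.9' AND domain-name:value = 'x.example']"),
    {"type": "malware", "id": "malware--00000000-0000-4000-8000-000000000006", "name": "sample"},
]}

# Only a single equality test on one of these two object types is translated.
SIMPLE = re.compile(r"^\[\s*(ipv4-addr|domain-name):value\s*=\s*'([^']+)'\s*\]$")

def _ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def is_active(ind, now):
    return (not ind.get("revoked") and _ts(ind["valid_from"]) <= now
            and ("valid_until" not in ind or now < _ts(ind["valid_until"])))

def target_for(ind, now):
    """OpenC2 target for an active, simple indicator; None means skip it."""
    m = SIMPLE.match(ind.get("pattern", "")) if ind.get("pattern_type") == "stix" else None
    if m is None or not is_active(ind, now):
        return None
    if m.group(1) == "domain-name":
        return {"domain_name": m.group(2)}
    try:
        return {"ipv4_net": str(ipaddress.IPv4Network(m.group(2), strict=False))}
    except ValueError:
        return None  # malformed address: leave it for an analyst

def to_openc2(bundle, now):  # -> ({indicator id: command}, [skipped indicator ids])
    commands, skipped = {}, []
    for ind in (o for o in bundle.get("objects", []) if o.get("type") == "indicator"):
        target = target_for(ind, now)
        if target is None:
            skipped.append(ind["id"])
        else:
            commands[ind["id"]] = {"action": "deny", "target": target}
    return commands, skipped
```

Expired, revoked and compound-pattern indicators land in the skipped list rather than being turned into a guessed block rule, so an analyst can review them before anything is enforced.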