cti message

Subject: Threat Actor Enumeration Working Group

From: OASIS Open<workgroup_mailer@lists.oasis-open.org>
To: <cti@lists.oasis-open.org>
Date: Wed, 10 Jul 2019 20:12:15 +0000 (UTC)

Submitter's message
CTI TC:

There has been some discussion on Slack regarding the need for a database of Threat Actors that harmonizes the various nomenclature from various OSINT/community resources.

My objective would be to harmonize using the current STIX 2.1 Threat Actor SDO with the accompanying open vocabularies as our primary database model. This would include the following:

1. STIX Working Draft 05 Section 4.16
2. Threat Actor Type Open Vocab
3. Threat Actor Role Open Vocab
4. Threat Actor Sophistication Open Vocab
5. Attack Resource Level Open Vocab
6. Attack Motivation Open Vocab

This is an invitation for a call to brainstorm this idea among interested TC members. Please join if you can. If you are unable to make it, but have an interest in this topic, please let me know and I'll add you to follow-up correspondence.

Best regards,

-- Ms. Jane Ginn

Event Title: Threat Actor Enumeration Working Group

Date: Friday, 02 August 2019, 11:00am to 12:00pm EDT
Location: Zoom | https://newcontext.zoom.us/j/332585406
Description

Link for Ad Hoc Working Calls

https://newcontext.zoom.us/j/332585406

Agenda

Agenda:

Discuss need for harmonizing various Threat Actor taxonomies as community resource
Discuss framework & coordination
Discuss resources for accomplishing task

Owner: Ms. Jane Ginn
Group: OASIS Cyber Threat Intelligence (CTI) TC
Sharing: This event is shared with the OASIS Open (General Membership), and General Public groups. Public Event Link

Learn more about subscribing here.
View the OASIS Cyber Threat Intelligence (CTI) TC calendar here.
You may receive future notifications with updates to this event. Update the event on your calendar by accepting the changes.

Attachment: ical_49252.ics
Description: application/ics

BEGIN:VCALENDAR
CALSCALE:GREGORIAN
METHOD:REQUEST
VERSION:2.0
PRODID:-//Kavi Corporation//NONSGML Kavi Groups//EN
X-MS-OLK-FORCEINSPECTOROPEN:TRUE
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:STANDARD
DTSTART:20001029T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T060000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T020000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T020000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T070000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T020000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
STATUS:CONFIRMED
TRANSP:OPAQUE
DTSTAMP:20190710T201215Z
DTSTART;VALUE=DATE-TIME;TZID=America/New_York:20190802T110000
DTEND;VALUE=DATE-TIME;TZID=America/New_York:20190802T120000
SEQUENCE:0
SUMMARY:Threat Actor Enumeration Working Group
LOCATION:Zoom | https://newcontext.zoom.us/j/332585406
LAST-MODIFIED:20190710T201215Z
ORGANIZER:workgroup_mailer@lists.oasis-open.org
ATTENDEE;CUTYPE=GROUP:MAILTO:cti@lists.oasis-open.org
DESCRIPTION:Link for Ad Hoc Working Calls\n\nhttps://newcontext.zoom.us/
 j/332585406\n\nAgenda: Agenda:\n\n\n	Discuss need for harmon
 izing various Threat Actor taxonomies as community resource\
 n	Discuss framework & coordination\n	Discuss resources for a
 ccomplishing task\n	 \n\nGroup: OASIS Cyber Threat Intellige
 nce (CTI) TC\nCreator: Ms. Jane Ginn
URL:https://www.oasis-open.org/apps/org/workgroup/cti/event.php?event_id=49252
UID:https://www.oasis-open.org/apps/org/workgroup/cti/event.php?event_id=49252
BEGIN:VALARM
ACTION:DISPLAY
DESCRIPTION:REMINDER
TRIGGER;RELATED=START:-PT00H15M00S
END:VALARM
END:VEVENT
END:VCALENDAR