6/10 Status Update

["Wunder, John A." <jwunder@mitre.org>]

All,

 

Here’s an update of where we stand. I think we’re getting close to final review for the three items in “Nearing Complete” and can maybe have consensus motions on those next week. Similarly, attack pattern has been around for awhile and people seem generally happy with it.

 

We got held up a bit on the string lengths/encodings/casing issue but between the ballot and a phone call on Tuesday hopefully we can move on from that shortly and have motions on the three vocab topics. Similarly, with a bit more work we can probably figure out malware vs. malicious tool vs. tool (or at least come to a compromise that makes us all equally unhappy).

 

There’s a side discussion on internationalization that we can’t let trail off. I think we’re coming close to having one or two proposals available for the broader community.

 

Gary Katz is leading some side groups on intrusion set and infrastructure.

 

MITRE and our DHS sponsor feel that incident and asset are important topics for us to consider for MVP, so will be dedicating some of our own effort there. Similarly, we’ll spend some time trying to mature an approach for target (targets of all types…vulnerabilities, software versions, sectors, nationalities, etc.) to prep for the community.

 

As usual, thanks everyone for the attention and effort. If you’d like to help work on any of these topics or any others please volunteer yourself.

 

John

 

Done
Boolean	Accepted	Boolean Section
List	Accepted	List Section
Number	Accepted	Number Section
IDs and References	Accepted	IDs and References Section
Object Creator	Accepted	Object Creator Section
Bundle	Current Motion	Bundle Section
Object Level Markings	Current Motion	Object Level Markings Section
Indicator Type Vocab	Current Motion	Indicator Label Section
Versioning	Current Motion	Versioning Section
Need Review
Open Vocabulary	Waiting to resolve encoding	Open Vocabulary Section
Controlled Vocabulary	Waiting to resolve encoding	Controlled Vocabulary Section
Vocab Ext	Waiting to resolve encoding	Vocabulary Extension Section
Report	Final Review	Report Section
Nearing Complete
Kill Chain	Review	Kill Chain Section
External Reference	Review	External Reference Section
Campaign	Review	Campaign Section
In Progress
Intrusion Set	Minor Work	Intrusion Set Section
Malware	Minor Work	Malware Section
Attack Pattern	Minor Work	Attack Pattern Section
Infrastructure	Minor Work	Infrastructure Section
Internationalization	Major Work
Granular Markings	Major Work	Granular Markings Section
Started, Not Finished, No Current Work
Custom Object	Minor Work	Custom Top Level Objects Section
Indicator	Minor Work	Indicator Section
Observation	Minor Work	Observation Section
Sighting	Minor Work	Sighting Section
CybOX Container	Minor Work	CybOX Container Section
Not Started
Identity	Major Work	Identity Section
Target	Major Work	Exploit Target Section
Asset	Major Work	Asset Section
Incident	Major Work	Incident Section
Threat Actor	Major Work	Threat Actor Section
COA	Major Work	Course of Action Section
Vulnerability	Minor Work	Vulnerability Section
Configuration	Minor Work	Configuration Section
Weakness	Minor Work	Weakness Section
Marking Definition	Major Work	Marking Definition Section
Finishing Up
Relationship Validation	Major Work