OASIS Open: Committees

CTI-TC Open Repositories

Do you approve requesting OASIS to create an Open Repository for a CybOX Schema and the Tools described below?

***********CybOX Schemas***********************************

Purpose Statement: The CybOX schemas repository will contain non-normative JSON schemas and examples for CybOX 3. The examples will include short examples of particular objects and more complete use-case examples. The repository will contain JSON schemas and JSON CybOX documents.

Initial Maintainers: Ivan Kirillov & Trey Darley

Open Source License: BSD-3-Clause License

GitHub Name: cti-cybox3-json-schemas

Short Description: OASIS Open Repository: Non-normative schemas and examples for CybOX 3

*******************TOOLS & UTILITIES******************************

*********** STIX/CybOX Pattern Validator Repository **************

Purpose Statement: The pattern-validator is a software tool for checking the syntax of the Cyber Threat Intelligence (CTI) STIX/CybOX Patterning expressions, which are used within STIX to express conditions (represented with the CybOX data model) that indicate particular cyber threat activity. The repository contains source code, an ANTLR grammar, automated tests and associated documentation for the tool. The pattern-validator can be used as a command-line tool or as a Python library which can be included in other applications.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-pattern-validator

Short Description: OASIS Open Repository: Validate patterns used to express CybOX content in STIX Indicators

*********** STIX Marking-Prototype Repository ********************

Purpose Statement: The marking-prototype is a prototype implementation of granular data markings in STIX. It provides a potential API that can be used to create and process the markings, in order to examine the utility, usability, and completeness of how the granular data markings are specified. After the markings are added to the STIX specification, the code in this library may be used as reference, or incorporated directly into other libraries, but is not intended to be released as a standalone tool or library.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-marking-prototype

Short Description: OASIS Open Repository: Prototype for processing granular data markings in STIX

*********** STIX Visualization Repository ************************

Purpose Statement: The STIX visualization is meant to provide producers and consumers of STIX content with a rapid way to visualize the objects in a STIX JSON file, and the relationships between those objects. The visualization is implemented in HTML, CSS, and JavaScript (using the D3.js library), and is suitable for standalone use--either on a hosted server or as a local file--or embedded into other applications. Regardless of how deployed, the JavaScript code in this repository does not transmit STIX data to any server; it is strictly processed within the browser in which the code is running, so it is suitable for data which the user does not wish to share.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-stix-visualization

Short Description: OASIS Open Repository: Lightweight visualization for STIX 2.0 objects and relationships

*********** STIX Validator Repository ******************************

Purpose Statement: The STIX validator checks that STIX JSON content conforms to the requirements specified in the STIX 2.0 specification. In addition to checking conformance with the JSON schemas, the validator checks conformance with requirements that cannot be specified in JSON schema, as well as with established "best practices". This validator is non-normative; in cases of conflict with the STIX 2.0 specification, the specification takes precedence.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-stix-validator

Short Description: OASIS Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices

****** Documentation Repository [ STIX | CybOX | TAXII]**********

Purpose Statement: This repository is a GitHub Pages site storing non-normative information about the work of the CTI Technical Committee.

Initial Maintainer: Greg Back

Open Source License: BSD-3-Clause License

GitHub Name: cti-documentation

Short Description: OASIS Open Repository: GitHub Pages site for STIX, CybOX, and TAXII

[ ]	Yes
[ ]	No
[ ]	Abstain

Opening:		Friday, 2 September 2016 @ 01:00 pm EDT
Closing:		Saturday, 10 September 2016 @ 11:59 pm EDT
Group:		OASIS Cyber Threat Intelligence (CTI) TC

Ballot has closed.

Referenced Items
Name	Type	Date	Action
02971: CTI-TC Open Repositories (52K)	Document	2016-09-10	Details

Voting Details

Voting Summary

Options with highest number of votes are bold

Option	# Votes	% of Total
Yes	30	100%
No	0	0%
Abstain	0

Eligible members who have voted:	30 of 59	51%
Eligible members who have abstained:	0 of 59	0%
Eligible members who have not voted:	29 of 59	49%

Voting Details

Voter	Company	Vote	Reference Document and/or Comment
Dean Thompson	Australia and New Zealand Banking Group (A...	--
Alexander Foley	Bank of America	--
Bret Jordan	Blue Coat Systems, Inc.	Yes
Sarah Kelley	Center for Internet Security (CIS)	Yes
Joey Peloquin	Citrix Systems	Yes
Jane Ginn	Cyber Threat Intelligence Network, Inc. (C...	Yes	Once these are set-up I will add the links to the Wiki page on the OASIS Kavi Portal so members of the public can find them easily.
Richard Struse	DHS Office of Cybersecurity and Communicat...	--
Will Urbanski	Dell	Yes
David Eilken	Financial Services Information Sharing and...	--
Shyamal Pandya	FireEye, Inc.	--
Paul Patrick	FireEye, Inc.	Yes
Ryusuke Masuoka	Fujitsu Limited	Yes
Tomas Sander	Hewlett Packard Enterprise (HPE)	Yes
Kazuo Noguchi	Hitachi, Ltd.	--
Masato Terada	Hitachi, Ltd.	Yes
Jason Keirstead	IBM	--
Ron Williams	IBM	Yes
Elysa Jones	Individual	--
Terry MacDonald	Individual	Yes
Patrick Maroney	Individual	Yes	Note that I still advocate for Version Agnostic Github repositories for the reasons stated on the list. Another key reason is to leave all options open to the CTI TC when it comes to subsuming and int
Tim Casey	Intel Corporation	Yes
Beth Pumo	Kaiser Permanente	Yes
Trey Darley	Kingfisher Operations, sprl	Yes
Chris Wood	LookingGlass	--
Allan Thomson	LookingGlass	Yes
Lee Vorthman	LookingGlass	Yes
Ian Truslove	LookingGlass	Yes
Sean Barnum	Mitre Corporation	--
Jonathan Baker	Mitre Corporation	Yes
John Wunder	Mitre Corporation	Yes
Ivan Kirillov	Mitre Corporation	Yes
Richard Piazza	Mitre Corporation	Yes
Greg Back	Mitre Corporation	Yes
Takahiro Kakumaru	NEC Corporation	--
Daniel Riedel	New Context Services, Inc.	--
Andrew Storms	New Context Services, Inc.	--
Christian Hunt	New Context Services, Inc.	--
James Moler	New Context Services, Inc.	--
John-Mark Gurney	New Context Services, Inc.	Yes
Mark Clancy	Soltra	--
Aharon Chernin	Soltra	--
Ali Khan	Soltra	--
Michael Pepin	Soltra	--
Chris Kiehl	Soltra	--
Natalie Suarez	Soltra	--
Raymond Keckler	Soltra	--
Michael Butt	Soltra	Yes
John Anderson	Soltra	Yes
Mark Davidson	Soltra	Yes
Greg Reaume	TELUS	--
James Bohling	US Department of Defense (DoD)	--
Jeffrey Mates	US Department of Defense (DoD)	--
Gary Katz	US Department of Defense (DoD)	Yes
Mike McLellan	United Kingdom Cabinet Office	--
Chris Taylor	United Kingdom Cabinet Office	--
Laurie Thomson	United Kingdom Cabinet Office	--
Iain Brown	United Kingdom Cabinet Office	--
Robert Coderre	VeriSign	Yes
Kyle Maxwell	VeriSign	Yes