Document:
03106: STIX/TAXII™ 2.0 Interoperability Test Document - Part 1

Draft (A preliminary unapproved sketch, outline, or version.)

Details

Submitted By Ms. Jane Ginn on 2017-08-11 12:02 pm UTC

Publication Type

None at this time.

Group / Folder

OASIS Cyber Threat Intelligence (CTI) TC / System Ballot Results

Modified by

Not modified.

Copy

This document is not a copy.

Technical Contact

None at this time.

Download Count

568

Download Agreement

None at this time.

Description

This is Part 1 of the Interoperability test document to supplement the five-part STIX 2.0 specification developed by the CTI TC of OASIS. It is available at: https://www.oasis-open.org/committees/document.php?document_id=61240&wg_abbrev=cti The is the first in a series that will be developed concurrent with revisions to the STIX specification. This test document provides detailed requirements on how producers of products within the threat intelligence ecosystem may demonstrate conformity with STIX 2.0 if they wish to self-certify that their software is verified as interoperable. There are five personas detailed in Part 1 of this specification. These are: Data Feed Provider (DFP), Threat Intelligence Platform (TIP), Threat Mitigation System (TMS), Threat Detection System (TDS) and Security Incident and Event Management (SIEM). This interoperability test document defines tests of the following use cases: indicator sharing, sighting sharing, versioning, data markings, custom objects and properties, and course of action sharing. For each of these use cases the document details the Producer support and the Respondent support to be used for the test cases.