Testimonials

STIX and TAXII in particular are important initiatives towards next generation threat intelligence. Using the same terms, data streams, and threat modeling methods will help researchers, vendors, and law enforcement alike share information back and forth to stay abreast or even ahead of threat actor groups. We are pleased to contribute to this and more through OASIS.

— Derek Manky, Global Security Strategist, Fortinet

We have long been committed to any advances that can better enable the sharing of threat intelligence among security professionals. Until now, organizations have been hampered by a lack of common standards and the tendency for security information to be siloed. We strongly support this important endeavor and look forward to contributing to the standardization being led by OASIS.

— Paul Martini, CEO and Co-founder, iboss Cybersecurity

NEC is very pleased to be part of the CTI Technical Committee and continues to drive CTI adoption with industry partnerships to benefit customers. NEC believes that threat intelligence standards are crucial for proactively countering the cyber threat. We are excited about the formation of CTI TC and support its efforts through its contributing to and promotion of this global standard.

— Kozo Matsuo, General Manager, Cyber Security Strategy Division, NEC Corporation

We have been advocates of STIX, TAXII and CybOx for some time. OASIS as an international standards checkpoint will undoubtedly improve threat intelligence sharing amongst partners by facilitating the exchange of computer-readable threat information.

— David Maxwell, Director of Threat Intelligence, eSentire

OASIS strikes the right balance between the amount of structure you need for real standards and the amount of flexibility you need for cutting-edge innovation.

— Drummond Reed, XDI.org

Development of an industry-wide standards framework for cyber threat intelligence is crucial for the information security industry to be able to define and share threats. New Context is a proud sponsor of OASIS and believes strongly in open and transparent standards frameworks development. We look forward to collaborating on the next standards for STIX, CybOX and TAXII.

— Daniel Riedel, CEO, New Context

I always encourage vendors with products related to access control, security, or cloud computing to join the appropriate OASIS Technical Committees and contribute to the standards work. We all benefit that way.

— John Tolbert, VP, Cybersecurity, Queralt

OASIS provides an auditable, transparent and justifiable process. It makes it easy for anyone to understand how the CAP-AU Profile was developed.

— Greg Trott, CAP-AU Project Manager, Australia Attorney-General's Dept

OASIS members continue to amaze me by their deep knowledge of technology. I can ask a question on a TC call and get more valuable feedback in minutes than I would from spending days in a conference.

— Pim van der Eijk, Owner, Sonnenglanz Consulting

OASIS gives me access to very high-level colleagues. Every TC meeting is like an intensive research seminar on a topic in our field.

— Adam Wyner, Dr., Research Associate, University of Liverpool