-
Notifications
You must be signed in to change notification settings - Fork 7
Work Product: STIX 1.2.1 Specification
This is the landing page for information related to the STIX 1.2.1 Specification Work Product. This page is intended to be an index into the latest information and resources, so please bookmark it if you are interested in STIX!
If you'd like to contribute to the conversation, please join the OASIS CTI TC.
Sean Barnum ([email protected]) and Aharon Chernin ([email protected]) are the co-chairs of the STIX Subcommittee.
The STIX Subcommittee (SC) has reviewed and approved the final draft of the v1.2.1 specification and uploaded it to the CTI TC for consideration. A motion was made and seconded at the 10/22/15 CTI TC meeting to progress the STIX v1.2.1 specifications as Committee Specification drafts for public review. Voting on this motion is occurring via electronic means.
The STIX Subcommittee (SC) is currently in the process of migrating and transforming the content of the pre-OASIS STIX v1.2 specification documents over into the OASIS specification document templates to form STIX v1.2.1. The set of documents making up the multi-part STIX 1.2.1 specification are:
- STIX Version 1.2.1 Part 1: Overview. [URI]
- STIX Version 1.2.1 Part 2: Common. [URI]
- STIX Version 1.2.1 Part 3: Core. [URI]
- STIX Version 1.2.1 Part 4: Indicator. [URI]
- STIX Version 1.2.1 Part 5: TTP. [URI]
- STIX Version 1.2.1 Part 6: Incident. [URI]
- STIX Version 1.2.1 Part 7: Threat Actor. [URI]
- STIX Version 1.2.1 Part 8: Campaign. [URI]
- STIX Version 1.2.1 Part 9: Course of Action. [URI]
- STIX Version 1.2.1 Part 10: Exploit Target. [URI]
- STIX Version 1.2.1 Part 11: Report. [URI]
- STIX Version 1.2.1 Part 12: Extensions. [URI]
- STIX Version 1.2.1 Part 13: Data Marking. [URI]
- STIX Version 1.2.1 Part 14: Vocabularies. [URI]
- STIX Version 1.2.1 Part 15: UML Model. [URI]
- It is estimated that all existing documents should be completely migrated to OASIS drafts sometime Aug 28 – Sep 4
- Once the drafts are completed they will be posted to the STIXProject/specifications repository and the SC members will have 1 week to review before recommending them to the TC for consideration as a Committee Specification Public Review Draft. The short review window is due to the fact that the 1.2.1 version of the specs should have no substantive structural or semantic changes from the 1.2 version.
- At this point in the process, the STIX SC plans to initiate formal kickoff of the STIX 2.0 work product
- Once at the TC level, it is expected that it will be rapidly issued as a Committee Specification Public Review Draft with the requisite minimal public comment window of 30 days.
- Once the public comment period is ended and all comments disposed of (due to the defined scope of the 1.2.1 release it is expected that any changes due to comments will be non-material in nature) the TC will move as quickly as possible to call for a TC Special Majority Vote to approve the documents as a Committee Specification.
The best way to provide feedback on STIX, TAXII, or CybOX is to join the OASIS CTI TC.
The second best way to provide feedback at a user/implementer level on STIX, TAXII, or CybOX is to send an email to [email protected].
OASIS CTI Wiki: https://wiki.oasis-open.org/cti/ STIX portion of the wiki: https://wiki.oasis-open.org/cti/stix
This is a list of related work, in no particular order. If you see something missing, please let us know and we'll add it.