OpenIOC, IODEF and other piles of XML


Douglas Wilson

Dec 7, 2011, 3:51:10 PM
to OpenIOC
In addition to products, we've gotten several questions about
interoperability between OpenIOC and <insert name of other standard
here>.

Some of these are great cases for complement (such as OpenIOC &
IODEF), others are apples and oranges.

In the interest of promoting more discussion, I'd like to have people
sound off on their interoperability needs as far as data formats go --
I view this as a complement to the product/vendor thread, but I'm
looking in this case at stuff that is not product specific.

I'm also in the process of constructing a "how does OpenIOC compare to
X" FAQ, and responses in this area would help inform standards I
should be covering/looking at if I don't have them down already.

Thanks again,

Doug

Kyle Maxwell

Dec 12, 2011, 10:11:52 AM
to ope...@googlegroups.com
Areas I'd include in your FAQ would be CEF and VERIS in addition to IODEF. 

Douglas Wilson

Dec 13, 2011, 5:17:51 PM
to ope...@googlegroups.com
Don't hold me to this, but currently the list I'm looking at includes:

AV
OVAL
Vulnerability Databases (several)
SCAP
IODEF
VERIS
CEF
IDMEF (and others like CEF and IDMEF)
MAEC
IEEE Malware Description Standard
YARA

This may not all come out in the same document -- or if it does, it's going to be one heck of a doc. But if I missed anything, or people think one thing is more pertinent than another, let me know.

Doug


On Mon, Dec 12, 2011 at 10:11 AM, Kyle Maxwell <krma...@gmail.com> wrote:
Areas I'd include in your FAQ would be CEF and VERIS in addition to IODEF. 



--


Doug Wilson
douglas...@openioc.org

OpenIOC Technology Advocate at MANDIANT
douglas...@mandiant.com