Free

OASIS Cyber Threat Intelligence STIX/TAXII version 2 Training, June 2018

Event Information

Share this event

Date and Time

Location

Location

LookingGlass Cyber Solutions

10740 Parkridge Boulevard

1st Floor

Reston, VA 20191

View Map

Event description

Description

The OASIS CTI TC is offering a FREE, one-day training course on the new versions of STIX and TAXII – STIX2/TAXII2 on Wednesday, June 6th. This training is targeted at developers and analysts who are interested in learning more about these new standards. Both in-person and remote participation options are available.

Host: LookingGlass Cyber Solutions
Conference Facility provided by building: TNS

10740 Parkridge Boulevard
1st Floor
Reston, VA 20191

Main contact at the facility: Allan Thomson

If you're planning to attend the meeting either in person or by remote access, please complete this form by 25 May.

In addition to the training day on Wednesday, June 6th, there will be a plugfest on Tuesday, June 5th open to OASIS CTI TC members only. Training draft agenda is included below.

The host reserves the right to restrict registration & attendance for any one single organization to no more than 2 participants per organization.


STIX/TAXII v2 Training Agenda
Theory/Introduction Key Lessons Learned
Wednesday, June 6, 2018

Target audience:

  • Developers
  • Analysts

Pre-requisites:

  • Some programming experience helpful (e.g. python), but not required
  • Some experience in threat intelligence and security technologies


Draft Agenda:

9.00 am – 9.30 am: Overview on STIX/TAXII & History

9.30 am – 12.00 pm: STIX 2 Data Model Foundations

  • Use Cases supported
  • Overall architecture
  • Working with objects and how to construct related intelligence
  • Object versioning
  • Customization and extension
  • Pattern language introduction and examples
  • Interop implications integrated throughout

12.00 pm – 1.00 pm: Lunch

1.00 pm – 3.00 pm: TAXII 2 & Interop Foundations

  • Key methods
  • Filtering techniques
  • Post/get methods
  • Interop persona, test methodology…etc.

3.00 pm – 3.30 pm: Coffee/Break

3.30 pm – 6.00 pm: STIX/TAXII 2 In Practice

  • Leveraging STIX2 for Modelling TI
    • Key things to consider when your modelling
    • Specific examples of
      • intel report to stix model
      • indicators vs sightings and why
      • how to model common uses for mitigation leveraging pattern grammar
  • Using PythonSTIX2 tutorial/implementation guidance
    • Programming using the MITRE libraries

Date and Time

Location

LookingGlass Cyber Solutions

10740 Parkridge Boulevard

1st Floor

Reston, VA 20191

View Map

Save This Event

Event Saved