web analytics

STIX and TAXII: New weapons in the security battle

They may sound like a German noble family, but STIX and TAXII are new tools for fighting internet lawlessness. They enable the good guys to beat internet attacks through automated, realtime info sharing, and are supported by many tech heavyweights. Here’s what you need to know.

 

                                  

 

By Robin Harris 

 

The scenario is depressing and all too common: the Bad Guys — state actors, criminal gangs, script-kiddies — launch an attack, make off with a bundle, and then repeat the attack dozens, perhaps hundreds of times. How does that happen?

 

It happens because the Good Guys aren’t communicating the details of the threat and the actions needed to defeat it. A guy at a NOC might call his colleague and warn him, or tell his security vendor to update their profiles, but that’s about it.

 

I spoke to Brett Jordan of Symantec, editor of the STIX spec and co-chair for TAXII, about how STIX and TAXII aim to change that. They’re two standards whose development is supported by the major security industry players, including IBM, HPE, Cisco, and Dell, large financial institutions, and the US government, including the Department of Defense and the NSA.

 

Full Article

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico