Tools and Standards for Cyber Threat Intelligence Projects

Tools and Standards for Cyber Threat Intelligence Projects (PDF, 2.26MB)
Published: 22 Oct, 2013
Created by: Greg Farnham

Making effective use of cyber threat intelligence is an important component of an organization's security program. Cyber threat intelligence can be obtained internally and from external sources. It must be collected, analyzed, shared and leveraged. This paper considers the context of the 'Develop Project Charter' and 'Scope Definition' processes from the Project Management Body of Knowledge (PMBOK). This context is used in performing Product Analysis on leading tools and standards for cyber threat intelligence systems. Some of the tools and standards considered are the Open Indicators of Compromise (OpenIOC) framework, Vocabulary for Event Recording and Incident Sharing (VERIS), Cyber Observable eXpression (CybOX), Incident Object Description and Exchange Format (IODEF), Trusted Automated eXchange of Indicator Information (TAXII), Structured Threat Information eXpression (STIX), Traffic Light Protocol (TLP), Open Threat Exchange (OTX) and Collective Intelligence Framework (CIF).