Introduction to STIX - TAXII 2 Standards

Offered By: nullcon via YouTube

Course Description

Overview

Explore the latest standards for Cyber Threat Intelligence in this comprehensive conference talk from nullcon Goa 2019. Dive into the new features and changes of STIX/TAXII Version 2.0 and 2.1, including the Interop/STIXPreferred certification program. Learn about key concepts in the STIX Data Model, covering adversary domain objects, attack-based properties, TTP domain objects, incident response properties, and detection domain objects. Discover STIX 2.1 enhancements, including confidence levels, and examine real-world examples like the Lime RAT Report. Gain insights into TAXII 2 key definitions, API root discovery, collection management, and data posting. Address STIX v1 interoperability challenges and understand the STIX TAXII 2 Preferred introduction and persona. Presented by Allan Thomson, CTO of LookingGlass Cyber Solutions and co-chair of STIX/TAXII 2 Interoperability standards, this talk offers valuable knowledge for professionals in threat intelligence, security, and InfoSec fields.

Syllabus

Intro
CTI, STIX, TAXII & STIX Preferred
Historical Timeline
STIX Data Model Key Concepts
Adversary Domain object: Campaign
Adversary Domain object: Intrusion Set
Adversary Domain Object: Threat Actor
Attack Based Properties - 2 Tips
TTP Domain object: Attack Pattern
TTP Domain object: Malware
TTP Based Properties - 2 Tips
Incident Response Properties - 2 Tips
Detection Domain object: Indicator
Detection Domain object: Observed Data
STIX 2.1 Enhancements
STIX 2.1 Confidence
Lime RAT Report Example...
Analysis & Mapping Lime Remote Access Tool 5
Threat Modelling Example #2...
TAXII 2 Key Definitions
TAXII 2 Key Definitions Continued
API Root Discovery
Collection Discovery
Collection Object Retrieval
Posting Data to a Collection
STIX v1 Interoperability Challenges
STIX TAXII 2 Preferred Introduction
STIX TAXII 2 Preferred - Persona
Learn More On Specifications & Tools...


Taught by

nullcon
