From STIX Sharing to Automated Threat Intelligence and Response
Many communities are collaborating and playing their part to develop a practical real-time solution in this regard. STIX is one such community-driven effort to develop a standardized language for defining cyber threats and documenting their instances reported at different collaborating nodes. The information recorded using STIX is periodically shared among trusted parties using TAXII, which provides enhanced situational awareness of emerging threats and helps neutralize them in a timely and efficient manner. Soltra Edge is one platform that allows the security community to set up cyber-intelligence repositories for automating the sharing, management and integration of threat intelligence information.
The main objective of the project is to collect near-real-time data on threats and incidents from existing, credible intelligence networks and to analyze it by first converting it into a format suitable for automated reasoning. This will provide a means not only to query, correlate and share the data effectively, but also to take remedial action proactively by automatically generating and refining firewall policy rule-sets through an inference-based process. The end product will automate threat analytics and derive adequate security actions to mitigate the attacks associated with a threat, allowing for active cyber defense.
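The step from shared indicators to a refined firewall rule-set can be sketched as follows. This is an added example, not the project's code: it assumes STIX 2.1 JSON indicators, iptables as the rule syntax and a confidence threshold of 70, and plain filtering plus CIDR merging stands in for the inference process, which the page does not describe.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed, trimmed STIX 2.1-style indicators (documentation address ranges only).
SAMPLE_INDICATORS = [
    {"type": "indicator", "confidence": 90, "pattern": "[ipv4-addr:value = '198.51.100.4']"},
    {"type": "indicator", "confidence": 85, "pattern": "[ipv4-addr:value = '198.51.100.5']"},
    {"type": "indicator", "confidence": 80, "pattern": "[ipv4-addr:value = '203.0.113.0/24']"},
    {"type": "indicator", "confidence": 95, "pattern": "[ipv4-addr:value = '203.0.113.9']"},
    {"type": "indicator", "confidence": 30, "pattern": "[ipv4-addr:value = '192.0.2.10']"},
    {"type": "indicator", "confidence": 90, "pattern": "[ipv4-addr:value = '192.0.2.20']",
     "valid_until": "2020-01-01T00:00:00Z"},
    {"type": "indicator", "confidence": 90, "pattern": "[ipv4-addr:value = '192.0.2.30']",
     "revoked": True},
    {"type": "indicator", "confidence": 90, "pattern": "[domain-name:value = 'bad.example']"},
]

# Accept only digits, dots and a slash, so nothing else can reach the rule text.
IPV4_PATTERN = re.compile(r"\[ipv4-addr:value\s*=\s*'([0-9./]+)'\]")

def active_networks(indicators, now, min_confidence=70):
    """Return networks from indicators that are trusted, current and not revoked."""
    networks = []
    for ind in indicators:
        if ind.get("type") != "indicator" or ind.get("revoked"):
            continue
        if ind.get("confidence", 0) < min_confidence:  # threshold is an assumption
            continue
        until = ind.get("valid_until")
        if until and datetime.fromisoformat(until.replace("Z", "+00:00")) <= now:
            continue  # expired intelligence must not keep a block in place
        match = IPV4_PATTERN.fullmatch(ind.get("pattern", "").strip())
        if not match:
            continue  # only single-comparison IPv4 patterns are handled here
        try:
            networks.append(ipaddress.ip_network(match.group(1), strict=False))
        except ValueError:
            continue  # malformed address: never emit a rule from unparsed input
    return networks

def firewall_rules(indicators, now, min_confidence=70):
    """Merge overlapping and adjacent networks so the rule-set stays minimal."""
    merged = ipaddress.collapse_addresses(active_networks(indicators, now, min_confidence))
    return [f"iptables -A INPUT -s {net} -j DROP" for net in merged]

if __name__ == "__main__":
    for rule in firewall_rules(SAMPLE_INDICATORS, datetime.now(timezone.utc)):
        print(rule)
```

Eight constructed indicators reduce to two rules: the low-confidence, expired, revoked and non-IPv4 entries are dropped, and the remaining addresses are merged into covering CIDR blocks.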