In Japan, many organizations focus on CSIRT and CSIRT functions as cyber security countermeasure. Also many organizations promote to share the information for establishment of enterprise CSIRT, operate of CSIRT, threat inteligence and so on for cyber security countermeasure. However, in Japan, in order to disseminate information sharing of threat information by machine readable based security automation, we need to respond to requirements such as flow control of information traffic by the scale of CSIRT, group control of information traffic by the purpose, sector, severity and type, distribution control of threat and vulnerability information by same distribution channel and so on. In this presentation, we will introduce construction situation of CSIRT and ISAC communities, information sharing trial using STIX/TAXII and the information sharing platform prototype for realizing the collaboration via systems and persons.
Bohemia Ballroom Borderless Cyber Conference and Technical Symposium / 6-8 Dec 2017 / Prague events@oasis-open.orgIn Japan, many organizations focus on CSIRT and CSIRT functions as cyber security countermeasure. Also many organizations promote to share the information for establishment of enterprise CSIRT, operate of CSIRT, threat inteligence and so on for cyber security countermeasure. However, in Japan, in order to disseminate information sharing of threat information by machine readable based security automation, we need to respond to requirements such as flow control of information traffic by the scale of CSIRT, group control of information traffic by the purpose, sector, severity and type, distribution control of threat and vulnerability information by same distribution channel and so on.
In this presentation, we will introduce construction situation of CSIRT and ISAC communities, information sharing trial using STIX/TAXII and the information sharing platform prototype for realizing the collaboration via systems and persons.