4 hours 42 minutes
Now let's move to the third type off standards, which is transport standards and particle. We will start with the first standard, which is T L P
Till distance for traffic light protocol. And it is a simple particle used to label sensitive information to ensure that only the correct audience is given access to it.
Shared information is tagged with one off the four colors. Red, amber, green or white red means that on Lee to be used by you and not to be spread to all our people, even within your own organisation. Amber means that this information
is to be used
and shared with your co workers within your organization,
on a need to know basis, and with your clients or customers who need to know this information to protect themselves and prevent further damage. Green means that this information is not very sensitive and can be shared with your partners or peers, but not fear publicly accessible channels,
websites and why it means that this information is public and can be shared freely, taken into account standard corporal rituals.
The second standard from the same category is sexy
taxi stands for trusted automated exchange off indicator information. The first draft was proposed in 2012 and the curve version is 2.0.
Taxi is also introduced by Miter and now maintained by always is
taxi is an application protocol for exchanging threat intelligence over https. It defines arrest fel a P I, and set off requirements for Texas clients and servers. Taxi was specifically designed to support exchange of threat intelligence represented in sticks format
and support off exchanging
sticks to 0.0 content is mandatory to implement. Taxi design principles include minimizing operational changes. Needed for production
is the incineration with existent sharing agreements and support for all widely used threats sharing models, including her buns folk.
Here's to Pierre
and Soar subscriber
We've seen previously two examples off thread feed aggregators, limo and Hail a taxi. These are also called free taxi servers. In this slide, we took the example off limo, which is compatible with taxi to and sticks to. You can directly enable it through
implementing stacks machine in your environment or use it over a taxi client.
The list of standers that we've learned in this video doesn't include all the standards available on the market.
There are others that were not mentioned here. My choice was based on my experience and to my opinion. The miter pile, including side box sticks and taxi, is widely supported by several free and paid security products. So let me ask you this question. Can you survive without these standards?
My answer is off course you can,
and applying these standards is a nice tohave. But you can survive with just storing your intelligence in flat files and sharing it by email or any other means.
However, if you are thinking about long term usage off indicators that using these standards will make your life easier, especially for indexing, acquiring and sharing, I hope you enjoy this lesson and the next video and see together important part off data processing phase, which is
integration, and Storch.
Penetration Testing and Ethical Hacking
The Penetration Testing and Ethical Hacking course prepares students for certifications, like CEH. This course ...
7 CEU/CPE Hours Available
Certificate of Completion Offered
MITRE ATT&CK Defender™ (MAD) ATT&CK® Cyber Threat Intelligence Certification Training
This course prepares you for the ATT&CK® Cyber Threat Intelligence Certification, and provides hands-on instruction ...
3 CEU/CPE Hours Available
Certificate of Completion Offered