Understanding that interoperable machine-readable security playbooks will become a fundamental component of defenders' arsenal to decrease attack detection and response times, it is time to consider their position in sharing efforts. This report documents the process of extending Structured Threat Information eXpression (STIX) version 2.1, using the available extension definition mechanism, to enable sharing machine-readable security playbooks and, in particular, Collaborative Automated Course of Action Operations (CACAO) playbooks.