Anda di halaman 1dari 2

threatTRANSFORM Open Source App Jumpstarts STIX-Based Threat Data Classification

The creators of threatTRANSFORM today announced the release of their open source
application designed to streamline the creation, compiling, and publishing of S
TIX datasets.
San Jose, CA (USA), May 02, 2014 -- The creators of threatTRANSFORM (http://www.
threattransform.com) today announced the release of their open source applicatio
n designed to streamline the creation, compiling, and publishing of STIX dataset
s. Anyone struggling to manage security event classification can utilize the fre
e open source threatTRANSFORM application to improve their MSSP, SIEM, and other
big data cyber threat intelligence, management and response programs with the i
ndustry standard framework - Structured Threat Information eXpression (STIX).
STIX is designed for cyber defenders, cyber threat analysts, malware analysts, s
ecurity vendors, and information security practitioners in defending their netwo
rks and systems against cyber threats. STIX provides a common language for descr
ibing cyber threat information so it can be shared, stored, and otherwise used i
n a consistent manner that facilitates automation. threatTRANSFORM allows organ
izations to begin classifying threat data in an industry-standard way for consis
tent reporting, analysis and sharing.
Weve been working with the open source version of threatTRANSFORM from the very be
ginning and totally support their commitment to opening it up to everyone - were
using threatTRANSFORM to integrate our real-time cyber attack intelligence into
threat platforms, said Maurits Lucas, InTELL Business Director at FOX-IT. For us i
t was more than the ground-breaking work in using STIX in web platforms and the
excellent framework they provide; the threatTRANSFORM guys have provided great s
upport and advice which has helped us to scale our own unique InTELL portal cont
ent across multiple continents.
threatTRANSFORM was created in 2014 by Brad Lindow, Timothy Plocinski, and Demet
rios Lazarikos (Laz). Based on the MIT Open Source License, threatTRANSFORM was
created out of the need for streamlining the creation of STIX datasets. Everythi
ng from analyzing complex information to sifting through machine data, the threa
tTRANSFORM application provides a powerful template engine. threatTRANSFORM is o
pen source, free and works in nearly any web server. Its the quickest way to get
going with STIX today.
We'd previously been using a proprietary mechanism of data exchange, said Rich Rey
bok, SVP of Engineering for Vorstack. threatTRANSFORM has really helped us to qui
ckly transition to a preferred STIX standards based method of describing cyber t
hreat information between customers, aiding product adoption.
threatTRANSFORM has been built from the ground up for ease-of-use, both for the
end user and the developer extending the cyber intelligence application code. To
begin integrating threatTRANSFORM and take control of your STIX data, please vi
sit http://www.threattransform.com.
About STIX:
The Structured Threat Information eXpression (STIX) is a language for describing
cyber threat information in a standardized and structured manner. STIX character
izes an extensive set of cyber threat information, to include indicators of adve
rsary activity (e.g., IP addresses and file hashes) as well as additional contex
tual information regarding threats (e.g., adversary Tactics, Techniques and Proc
edures [TTPs]; exploitation targets; Campaigns; and Courses of Action [COA]) tha
t together more completely characterize the cyber adversary's motivations, capab
ilities, and activities, and thus, how to best defend against them. For more inf
ormation, please visit http://stix.mitre.org.
About Blue Lava Consulting and Blue Lava Labs:
Blue Lava Consulting, and Blue Lava Labs, are proud sponsors of the threatTRANSF
ORM open source project and application.
Blue Lava Consulting works in a strategic partnership with organizations to asse
ss IT Security programs, IT risks, and build an efficient set of IT Security and
Fraud solutions. Blue Lava experience in providing IT Security coaching, IT ris
k management, and research allows the company to tailor strategies in delivering
superior results with the optimum balance of business resiliency and agility.
Blue Lava is disciplined to work with organizations in providing a detailed and
comprehensive knowledge transfer through engagements. For more information, ple
ase visit http://www.blue-lava.net.
threatTRANSFORM PR Contact:
Demetrios Lazarikos (Laz)
Email: press@threattransform.com
http://www.threattransform.com
threatTRANSFORM, Open Source App, STIX datasets, cyber threat, cyber threat info
rmation, STIX standards

Anda mungkin juga menyukai