Making Threat Intelligence Actionable: Recommending Responses with STIX

  • Thursday, April 23, 2015 | 11:30 AM – 12:20 PM | West | Room: 2009

View all Sessions

To accelerate the response to newly detected incidents and new types of threat indicators, we developed ways to express recommend actions in STIX, which can be reviewed and selected by an operator and then executed by a threat defense system. We demonstrate how our extensions provide actionable details to go along with the threat information in STIX, and point the way towards better automation.


This document was retrieved from on Thu, 27 Oct 2016 08:47:50 -0400.
© 2016 EMC Corporation. All rights reserved.