Click here to close now.

SYS-CON MEDIA Authors: David Sprott, Liz McMillan, tru welu, Blue Box Blog, Kevin Jackson

News Feed Item

threatTRANSFORM Open Source App Jumpstarts STIX-Based Threat Data Classification

SAN JOSE, CA -- (Marketwired) -- 04/29/14 -- Creators of threatTRANSFORM (www.threattransform.com) announced the release of the open source application designed to streamline the creation, compiling, and publishing of STIX datasets. Anyone struggling to manage security event classification can utilize the free open source threatTRANSFORM application to improve their MSSP, SIEM, and other big data cyber threat intelligence, management, and response programs with the industry standard framework -- Structured Threat Information eXpression (STIX™).

STIX is designed for cyber threat analysts, malware analysts, security vendors, and information security practitioners in defending networks and systems against cyber threats. STIX provides a common language for describing cyber threat information for sharing, storing, and otherwise using a consistent manner that facilitates automation. threatTRANSFORM allows organizations to begin classifying threat data in an industry-standard way for consistent reporting, analysis, and sharing.

"We've been working with the open source version of threatTRANSFORM from the very beginning and totally support their commitment to opening it up to everyone -- we're using threatTRANSFORM to integrate our real-time cyber attack intelligence into threat platforms," said Maurits Lucas, InTELL Business Director at FOX-IT. "For us it was more than the ground-breaking work in using STIX in web platforms and the excellent framework they provide; the threatTRANSFORM guys have provided great support and advice which has helped us to scale our own unique InTELL portal content across multiple continents."

threatTRANSFORM was created by Brad Lindow, Timothy Plocinski, and Demetrios Lazarikos (Laz). Based on the MIT Open Source License, threatTRANSFORM was created for streamlining the creation of STIX datasets. Everything from analyzing complex information to sifting through machine data, the threatTRANSFORM application provides a powerful template engine. threatTRANSFORM is free and works in nearly any web server -- it's a quick way to jumpstart working with STIX.

"We'd previously been using a proprietary mechanism of data exchange," said Rich Reybok, SVP of Engineering for Vorstack. "threatTRANSFORM has really helped us to quickly transition to a preferred STIX standards based method of describing cyber threat information between customers, aiding product adoption."

threatTRANSFORM was built from the ground up for the end user and developer extending the cyber intelligence application code. To begin integrating threatTRANSFORM and take control of your STIX data, please visit http://www.threattransform.com.

About Blue Lava Consulting and Blue Lava Labs
Blue Lava Consulting, and Blue Lava Labs, are proud sponsors of the threatTRANSFORM open source project and application.

Blue Lava Consulting works in a strategic partnership with organizations to assess IT Security programs, IT risks, and build an efficient set of IT Security and Fraud solutions. Blue Lava experience in providing IT Security coaching, IT risk management, and research allows the company to tailor strategies in delivering superior results with the optimum balance of business resiliency and agility. Blue Lava is disciplined to work with organizations in providing a detailed and comprehensive knowledge transfer through engagements. For more information, please visit http://www.blue-lava.net.

Add to Digg Bookmark with del.icio.us Add to Newsvine

threatTRANSFORM PR Contact
Demetrios Lazarikos (Laz)
Email: Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
If cloud computing benefits are so clear, why have so few enterprises migrated their mission-critical apps? The answer is often inertia and FUD. No one ever got fired for not moving to the cloud - not yet. In his session at 15th Cloud Expo, Michael Hoch, SVP, Cloud Advisory Service at Virtustream, discussed the six key steps to justify and execute your MCA cloud migration.
SYS-CON Events announced today that BMC will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. BMC has worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, BMC pairs high-speed digital innovation with robust...
Containers Expo Blog covers the world of containers, as this lightweight alternative to virtual machines enables developers to work with identical dev environments and stacks. Containers Expo Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Bookmark Containers Expo Blog ▸ Here Follow new article posts on Twitter at @ContainersExpo
Compute virtualization has been transformational, yet security policy implementation and enforcement has lagged behind in agility and automation. There are a number of key considerations when implementing policy in private and hybrid clouds. In his session at 15th Cloud Expo, Malcolm Rieke, the Director of Product Management at Catbird, discussed the impact of this new paradigm and what organizations can do today to safely move to software-defined network and compute architectures, including: ...
We’re entering a new era of computing technology that many are calling the Internet of Things (IoT). Machine to machine, machine to infrastructure, machine to environment, the Internet of Everything, the Internet of Intelligent Things, intelligent systems – call it what you want, but it’s happening, and its potential is huge. IoT is comprised of smart machines interacting and communicating with other machines, objects, environments and infrastructures. As a result, huge volumes of data are bein...
Can the spatial component of your Big Data be harnessed and visualized, adding another dimension of power and analytics to your data? In his session at Big Data Expo®, John Meza, Product Engineer and Performance Engineering Team Lead at Esri, discussed the spatial queries that can be used within the Hadoop ecosystem and their integration with GeoSpatial applications. The GIS Tools for Hadoop project was also discussed and its implementation to discover location-based patterns and relationships...
Cloud and Big Data present unique dilemmas: embracing the benefits of these new technologies while maintaining the security of your organization's assets. When an outside party owns, controls and manages your infrastructure and computational resources, how can you be assured that sensitive data remains private and secure? How do you best protect data in mixed use cloud and big data infrastructure sets? Can you still satisfy the full range of reporting, compliance and regulatory requirements? In...
In this scenarios approach Joe Thykattil, Technology Architect & Sales at TimeWarner / Navisite, presented examples that will allow business-savvy professionals to make informed decisions based on a sound business model. This model covered the technology options in detail as well as a financial analysis. The TCO (Total Cost of Ownership) and ROI (Return on Investment) demonstrated how to start, develop and formulate a business case that will allow both small and large scale projects to achieve...
The move to the cloud brings a number of new security challenges, but the application remains your last line of defense. In his session at 15th Cloud Expo, Arthur Hicken, Evangelist at Parasoft, discussed how developers are extremely well-poised to perform tasks critical for securing the application – provided that certain key obstacles are overcome. Arthur Hicken has been involved in automating various practices at Parasoft for almost 20 years. He has worked on projects including database dev...
Building low-cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, provided an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He also provided examples such as building a wearable device that provides transit or recreational information. He then reviewed the resources available to build wearable devices at ...
There has been a lot of discussion recently in the DevOps space over whether there is a unique form of DevOps for large enterprises or is it just vendors looking to sell services and tools. In his session at DevOps Summit, Chris Riley, a technologist, discussed whether Enterprise DevOps is a unique species or not. What makes DevOps adoption in the enterprise unique or what doesn’t? Unique or not, what does this mean for adopting DevOps in enterprise size organizations? He also explored differe...
Storage administrators find themselves walking a line between meeting employees’ demands to use public cloud storage services, and their organizations’ need to store information on-premises for security, performance, cost and compliance reasons. However, as file sharing protocols like CIFS and NFS continue to lose their relevance, simply relying only on a NAS-based environment creates inefficiencies that hurt productivity and the bottom line. IT wants to implement cloud storage it can purchase a...
The emergence of cloud computing and Big Data warrants a greater role for the PMO to successfully manage enterprise transformation driven by these powerful trends. As the adoption of cloud-based services continues to grow, a governance model is needed to orchestrate enterprise cloud implementations and harness the power of Big Data analytics. In his session at Cloud Expo, Mahesh Singh, President of BigData, Inc., discussed how the Enterprise PMO takes center stage not only in developing the app...
Cloud Foundry open Platform as a Service makes it easy to operate, scale and deploy application for your dedicated cloud environments. It enables developers and operators to be significantly more agile, writing great applications and deliver them in days instead of months. Cloud Foundry takes care of all the infrastructure and network plumbing that you need to build, run and operate your applications and can do this while patching and updating systems and services without any downtime.