You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am currently trying to understand how OCSF compares to STIX. I noticed in the present FAQ (https://github.com/ocsf/ocsf-docs/tree/main/FAQs) that you planned to add an explanation on how they are complementary.
As I cannot seem to find an answer to my question online, would it be possible to obtain one here?
Thanks.
The text was updated successfully, but these errors were encountered:
I think the best person to elaborate on this would be @JasonKeirstead . In short, STIX IOCs can be matched against OCSF observables to match possible attack vectors from known threat actors. There is an overlap in concept as STIX also distinguishes observables (from where OCSF borrowed the name), from IOCs, which are those observables and other artifacts that match threat vectors.
I am currently trying to understand how OCSF compares to STIX. I noticed in the present FAQ (https://github.com/ocsf/ocsf-docs/tree/main/FAQs) that you planned to add an explanation on how they are complementary.
As I cannot seem to find an answer to my question online, would it be possible to obtain one here?
Thanks.
The text was updated successfully, but these errors were encountered: