Thanks much!
Juniper Business Use Only From: Nancy Cam-Winget (ncamwing) <[email protected]> Sent: Wednesday, February 3, 2021 12:34 PM To: Ron Bonica <[email protected]>; Kirsty P <[email protected]>; [email protected] Cc: Ollie Whitehouse <[email protected]> Subject: Re: [OPSEC] New Version Notification for draft-paine-smart-indicators-of-compromise-02.txt [External Email. Be cautious of content] Hi Ron, I can review it, but will not be able to get to it for a week if that's OK..... Best, Nancy From: OPSEC <[email protected]<mailto:[email protected]>> on behalf of Ron Bonica <[email protected]<mailto:[email protected]>> Date: Wednesday, February 3, 2021 at 9:04 AM To: Kirsty P <[email protected]<mailto:[email protected]>>, "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Cc: Ollie Whitehouse <[email protected]<mailto:[email protected]>> Subject: Re: [OPSEC] New Version Notification for draft-paine-smart-indicators-of-compromise-02.txt Folks, This appears to be a well-written draft that reflects current practice. Could I ask for two volunteers to read and comment on the draft? Ron Juniper Business Use Only From: OPSEC <[email protected]<mailto:[email protected]>> On Behalf Of Kirsty P Sent: Tuesday, January 26, 2021 6:19 AM To: [email protected]<mailto:[email protected]> Cc: Ollie Whitehouse <[email protected]<mailto:[email protected]>> Subject: [OPSEC] Fw: New Version Notification for draft-paine-smart-indicators-of-compromise-02.txt [External Email. Be cautious of content] Hi OPSEC, Please see below for details of our new draft on Indicators of Compromise (IoCs), updated based on previous comments. We think it might be suitable for OPSEC, but we'd like to hear your comments, discussion or feedback on this draft - please get in touch! Kirsty & Ollie ________________________________ From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Sent: 13 January 2021 17:44 To: Kirsty P <[email protected]<mailto:[email protected]>>; Kirsty P <[email protected]<mailto:[email protected]>>; Ollie Whitehouse <[email protected]<mailto:[email protected]>> Subject: New Version Notification for draft-paine-smart-indicators-of-compromise-02.txt A new version of I-D, draft-paine-smart-indicators-of-compromise-02.txt has been successfully submitted by Kirsty Paine and posted to the IETF repository. Name: draft-paine-smart-indicators-of-compromise Revision: 02 Title: Indicators of Compromise (IoCs) and Their Role in Attack Defence Document date: 2021-01-13 Group: Individual Submission Pages: 18 URL: https://www.ietf.org/archive/id/draft-paine-smart-indicators-of-compromise-02.txt<https://urldefense.com/v3/__https:/www.ietf.org/archive/id/draft-paine-smart-indicators-of-compromise-02.txt__;!!NEt6yMaO-gk!ROAJN_sBswX8ZJeSvhDtX_81t08cWDIA_hgNshzWwHgWRT7fGXREkXz-a5ZEmb5z$> Status: https://datatracker.ietf.org/doc/draft-paine-smart-indicators-of-compromise/<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-paine-smart-indicators-of-compromise/__;!!NEt6yMaO-gk!ROAJN_sBswX8ZJeSvhDtX_81t08cWDIA_hgNshzWwHgWRT7fGXREkXz-a2JpAO1o$> Htmlized: https://datatracker.ietf.org/doc/html/draft-paine-smart-indicators-of-compromise<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-paine-smart-indicators-of-compromise__;!!NEt6yMaO-gk!ROAJN_sBswX8ZJeSvhDtX_81t08cWDIA_hgNshzWwHgWRT7fGXREkXz-a6QW_hAc$> Htmlized: https://tools.ietf.org/html/draft-paine-smart-indicators-of-compromise-02<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-paine-smart-indicators-of-compromise-02__;!!NEt6yMaO-gk!ROAJN_sBswX8ZJeSvhDtX_81t08cWDIA_hgNshzWwHgWRT7fGXREkXz-a8ljssC1$> Diff: https://www.ietf.org/rfcdiff?url2=draft-paine-smart-indicators-of-compromise-02<https://urldefense.com/v3/__https:/www.ietf.org/rfcdiff?url2=draft-paine-smart-indicators-of-compromise-02__;!!NEt6yMaO-gk!ROAJN_sBswX8ZJeSvhDtX_81t08cWDIA_hgNshzWwHgWRT7fGXREkXz-a-E-vKcg$> Abstract: Indicators of Compromise (IoCs) are an important technique in attack defence (often called cyber defence). This document outlines the different types of IoC, their associated benefits and limitations, and discusses their effective use. It also contextualises the role of IoCs in defending against attacks through describing a recent case study. This draft does not pre-suppose where IoCs can be found or should be detected - as they can be discovered and deployed in networks, endpoints or elsewhere - rather, engineers should be aware that they need to be detectable (either by endpoints, security appliances or network-based defences, or ideally all) to be effective. The purpose of this draft is to document both the operational issues, but also the best practices associated with use of IoCs today. This draft provides a foundation for proposals for new approaches to operational challenges in network security. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to [email protected]<mailto:[email protected]>. All material is UK Crown Copyright (c)
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
