Consultatie over standaarden voor dreigingsinformatie

Forum Standaardisatie is een internetconsultatie gestart over het verplicht stellen van vernieuwde standaarden voor het delen van cyberdreigingsinformatie binnen de overheid. Reageren kan tot en met 16 februari 2026.

Om welke verplichting gaat het?

De consultatie gaat over versie 2.1 van de standaarden STIX en TAXII. Deze maken het mogelijk om informatie over cyberdreigingen gestructureerd en geautomatiseerd uit te wisselen tussen organisaties. Zoals Security Operations Centers en CERT’s.

Op dit moment staan oudere versies van deze standaarden op de lijst ‘pas toe of leg uit’. Met de consultatie wordt voorgesteld om versie 2.1 hiervoor in de plaats te laten komen. Deze versie sluit beter aan op de huidige praktijk en wordt al gebruikt door onder andere het NCSC (Nationaal Cyber Security Centrum).

Mening geven?

Via internetconsultatie.nl kun je reageren op het expertadvies om deze versie verplicht te stellen. De reacties worden meegenomen in het definitieve advies van Forum Standaardisatie aan het Overheidsbreed Beleidsoverleg Digitale Overheid (OBDO).

Dit is een automatisch geplaatst bericht. Vragen of opmerkingen kun je richten aan @DigitaleOverheid@social.overheid.nl

#cyberdreigingen #digitaleWeerbaarheid #forumStandaardisatie #gegevensuitwisseling #informatiebeveiliging #internetconsultatie #NDS #nieuwsbrief22026 #openStandaarden #overheidIt #pasToeLegUit #STIX #TAXII

Support for #STIX and #TAXII in #IntelMQ

For collecting and processing #threatintel feeds, #IntelMQ is a good tool. Simple to deploy and configure, used by several #CSIRT teams.
For long time, it was sufficient for me, however, with recent changes in #ESET #ThreatIntelligence feeds, I realized that IntelMQ lacks support for TAXII protocol and STIX language and objects...

After hours of studying the STIX/TAXII documentation, I decided to develop some basic support for collecting the feeds from TAXII servers and parsing the STIX indicators objects.
This way, IntelMQ can process not only the current #ETI feeds, but also some other sources.

The commits are currently waiting in pull request in IntelMQ GitHub:
https://github.com/certtools/intelmq/pull/2611

#cybersecurity #development #blueteam #cyberdefense #soc #siem

🚀 You now can integrate #ANYRUN's Threat Intelligence Feeds via #TAXII protocol.

Learn how you can use this fast and secure way to receive our fresh, uniquely sourced network #IOCs for proactive monitoring and detection ⬇️
https://any.run/cybersecurity-blog/taxii-protocol-integration/?utm_source=mastodon&utm_medium=post&utm_campaign=taxii_protocol_integration&utm_term=120625&utm_content=linktoblog

🚨 Did you know? 🚨

Over 50% of all cyber incidents could be prevented by better threat intelligence sharing. That's where STIX comes into play—a universal language for cybersecurity that lets organizations share threat data seamlessly.

🔐 Tip: Embrace STIX to level up your defense! It helps convert complex cyber threats into a readable format, so everyone in your network speaks the same language when tackling attacks. 🌐

How does your organization share threat intel? Are we ready for the STIX revolution? 🤔

🛡️ Dive deeper into STIX and why it's the next big thing in cybersecurity: https://guardiansofcyber.com/learning-hub-guides-tutorials/what-is-stix-in-cybersecurity-the-next-big-thing-you-need-to-know/

#Cybersecurity #ThreatIntelligence #STIX #TAXII #GuardiansOfCyber #Guardians #CyberDefense #InfoSec #DataSharing #TechTalk

A new kind of taxi, called the EH216-S, flew its first ever trip in Abu Dhabi without a pilot, with a passenger onboard. This is a big deal in aviation! The passenger was Mr. Mohamed Al Dhaheri from Multi Level Group. It shows how EHang is really into making transportation better.

EHang EH216-S Flying Video: https://myelectricsparks.com/pilotless-flying-taxi-completes-first-successful-flight-with-passenger-on-board-in-abu-dhabi/

#airtaxi #abudhabi #Taxii #drones

@da_667 i am testing out at around 85% which is barely enough to pass - i need to test out at 95% to have any real confidence - the last 10% is the toughest but really prospective infosec practitioners get a lot of support and everything is laid out, you just have to take a ton of sample tests and fix weak areas and keep going - psychologically it can be tough since you need a bevy of certs to really have a chance at being semi competent and well rounded but people just do need to slow down and take one step at a time, be rigorous/thorough #howtos #exercises #poc #praxis #saml #taxii #triads

How to push to a TAXII server from MISP.

Step by step blog post.

#threatintel #misp #taxii

https://www.misp-project.org/2023/04/29/MISP.how.to.push.to.a.taxii.server.html/

Anybody figure out how to hook #TAXII data into #InsightIDR? Rapid7 doesn't support it natively. Asking for a friend.