2024 Session
Fiesta 5
3:45 pm - 4:30 pm, Tuesday, September 24
Extending STIX to Support Incident Reporting

 In response to U.S. federal incident reporting requirements, the Cybersecurity and Infrastructure Security Agency (CISA) has developed a comprehensive, in-depth incident reporting form (IRF). This presentation will give an overview of the IRF and will discuss extension definitions to the Structured Threat Information Expression (STIX) specification that enable capture of IRF data. Example IRF data will be mapped into STIX 2.1 to illustrate the new properties, vocabularies, and STIX domain objects.

Learning Objectives:

  • Gain familiarity with CISA's new incident reporting form (IRF).
  • Understand how STIX 2.1 has been extended to capture IRF data.
  • Understand how IRF data can be mapped into STIX 2.1 using the new properties, vocabularies, and objects.
Get in touch
Get in touch
Customer Service
For any and all inquiries please click the button below
Speaking Opportunities

Tim Garon
Director, Event Content and Strategy

InfoSec World
Stay Informed
Join our mailing list for the latest news on InfoSec World 2024.