Large Organizations Need Open Security Intelligence Standards and Technologies

November 21, 2013

Today, vendors view their security intelligence as product differentiation, are already pushing the product/security intelligence model and will likely continue to do so in order to protect their installed base and compete in the market. That's okay in principle, but if vendors insist on charging for this type of product/security intelligence integration, then CISOs should push back and demand security intelligence standards and product APIs to create a more open security intelligence market model. In other words, products should "plugin" to any open security intelligence feeds that their customers select.

To pull this off, security intelligence must be based on standard data formats and secure transport protocols. I suggest STIX and TAXII being developed by DHS and MITRE.

View on Network World