You ever have one of those days? We ran into some problems with Tuesday’s “ThreadFix 2.1 and Your Application Security Program” webinar. Apparently a WebEx issue kept a lot of folks from being able to attend live. We wanted to extend thanks to everyone who attended and apologize to those who weren’t able to. Also, never fear, we have the recording and the slides online.
The ThreadFix 2.1 webinar recording is available here:
I wanted to follow up on a question that came up during the Q&A at the end of the webinar. There was a great question about whether or not ThreadFix supports the STIX data format and the TAXII service and message exchange specification. STIX is the MITRE effort to define a Structured Threat Information eXpression and TAXII is their effort to define a Trusted Automated eXchange of Indicator Information. ThreadFix doesn’t currently support importing STIX data or the TAXII exchange format, but, as we discussed during the webinar, a big push with the 2.1 release of ThreadFix has been to better enable organizations to make risk decisions based on data. This has continued with the 2.2 development cycle (check out one of the milestone builds and look at the updated Analytics) Though we don’t currently have plans to support STIX and TAXII on our immediate roadmap, please let us know if that is important to your organization. We’d love to learn more about how you are using STIX and TAXII and we’re happy to add support if there is enough interest from the community.
Here are a couple of links to other ThreadFix 2.1 resources:
- Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities (press release)
- ThreadFix 2.1 release technical details (blog post)
- ThreadFix downloads (2.1 stable release and 2.2 milestone builds)
Again – thanks to everyone who attended and our deepest apologies to those who fell victim to the WebEx issue and weren’t able to attend. If you have questions about ThreadFix 2.1, please feel free to drop us a line or post questions in the comments and we’ll get them answered.