{"draft":"draft-ietf-mile-iodef-guidance-11","doc_id":"RFC8274","title":"Incident Object Description Exchange Format Usage Guidance","authors":["P. Kampanakis","M. Suzuki"],"format":["ASCII","HTML"],"page_count":"33","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Managed Incident Lightweight Exchange","abstract":"   The Incident Object Description Exchange Format (IODEF) v2 (RFC7970)\r\n   defines a data representation that provides a framework for sharing\r\n   information about computer security incidents commonly exchanged by\r\n   Computer Security Incident Response Teams (CSIRTs) .  Since the IODEF\r\n   model includes a wealth of available options that can be used to\r\n   describe a security incident or issue, it can be challenging for\r\n   security practitioners to develop tools that leverage IODEF for\r\n   incident sharing.  This document provides guidelines for IODEF\r\n   implementers.  It addresses how common security indicators can be\r\n   represented in IODEF and use-cases of how IODEF is being used.  This\r\n   document aims to make IODEF's adoption by vendors easier and\r\n   encourage faster and wider adoption of the model by CSIRTs around the\r\n   world.\r\n","pub_date":"November 2017","keywords":["IODEF best practices","IODEF implementation recommendations","IODEF examples","IODEF practical recommendations"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8274","errata_url":null}