ISAO 300-2: Automated Information Sharing

Draft in Development

This document will describe automating the cyber threat lifecycle process (identifying, publishing, exchanging, ingesting, correlating, and incorporating) and their derived actions.

Current ISAO SO documents do not address automated analysis of threat indicators and vulnerabilities in an actionable manner. As envisioned, the document will be targeted at any organization wanting to automate their cyber threat intelligence sharing process. This document is intended to be useful to individual organizations, ISAO members and the ISAOs that are or considering participation in the automated cyber threat intelligence sharing processes.