The SECEF consortium is pleased to announce the availability of a first IDMEF V2 public draft. This draft is proposed in an excel table format as it is easier to manipulate and modify during the first definition iteration but it will later be translated in Internet Draft Format.
Main principles which have driven our work on IDMEFv2 format are :
- V2 should choose simplicity vs exhaustiveness/structuration when it’s possible
- V2 preferred format must be JSON (with no more than 2 or 3 levels), use of XML should stay possible
- V2 must deal with incident detection (includes but wider than intrusion detection)
- V2 must include physical and cyber incident (security and availability)
- V2 number of main class should be lower than V1
- V2 should be easy to extend
The first public drafts are available on the SECEF Redmine document section.
Feel free to comment on SECEF mailing list :