STIX

From Glitchdata
Jump to navigation Jump to search

OASIS Cyber Threat Intelligence (CTI) STIX™22: one prominent threat intelligence representation and sharing standard is Structured Threat Information eXpression (STIX™) and its counterpart relay mechanism, Trusted Automated Exchange of Intelligence Information (TAXII). In 2021 STIX™ was released as an OASIS Standard.

  • The working group that developed STIX™ is the OASIS Cyber Threat Intelligence Technical

Committee (OASIS CTI TC).

  • STIX™ is an ontology and a language that describes cyberthreats and

observable information. It enables organisations to share cyberthreat intelligence in a consistent and machine-readable manner (STIX™ is expressed in JavaScript Object Notation - JSON), allowing them to better understand what computer-based attacks they are most likely to see and anticipate and/or respond to those attacks faster and more effectively.

  • STIX™ has influenced the underlying format for the representation

of different platforms for threat intelligence.

  • Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI).
  • STIX enables organizations to share CTI with one another in a consistent and machine readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.
  • STIX is designed to improve many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.


Links


Related