STIX
Jump to navigation
Jump to search
OASIS Cyber Threat Intelligence (CTI) STIX™22: one prominent threat intelligence representation and sharing standard is Structured Threat Information eXpression (STIX™) and its counterpart relay mechanism, Trusted Automated Exchange of Intelligence Information (TAXII). In 2021 STIX™ was released as an OASIS Standard.
- The working group that developed STIX™ is the OASIS Cyber Threat Intelligence Technical
Committee (OASIS CTI TC).
- STIX™ is an ontology and a language that describes cyberthreats and observable information. It enables organisations to share cyberthreat intelligence in a consistent and machine-readable manner (STIX™ is expressed in JavaScript Object Notation - JSON), allowing them to better understand what computer-based attacks they are most likely to see and anticipate and/or respond to
those attacks faster and more effectively.
- STIX™ has influenced the underlying format for the representation of different platforms for Threat Intelligence.
- Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI).
- STIX enables organizations to share CTI with one another in a consistent and machine readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.
- STIX is designed to improve many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.
Links