The leading standards for representing and sharing cyberthreat intelligence are now OASIS Standards,Âpublicly available for download and implementation.
OASIS Members and all interested parties,
OASIS is pleased to announce the publication of its newest OASIS Standards, approved by the members on 10 June 2021:
STIXâ Version 2.1
OASIS Standard
10 June 2021
and
TAXIIâ Version 2.1
OASIS Standard
10 June 2021
The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. The work was based initially on three specifications contributed by the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information _expression_), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable _expression_).
Structured Threat Information _expression_ (STIX) is a language and serialization format used to exchange cyber threat intelligence. STIX enables organizations and tools to share threat intelligence with one another in a way that improves many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.
The TC received 11 Statements of Use from Accenture Security, Anomali, Avast Software s.r.o., CISA, DarkLight, Inc., EclecticIQ B.V., Fujitsu, IBM, New Context, SEKOIA, and Trend Micro.
TAXII is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It is specifically designed to support the exchange of CTI represented in STIX, but is not limited to STIX.
The TC received 9 Statements of Use from Avast Software s.r.o., Celerium, CISA, Cyware Labs, EclecticIQ B.V., FreeTAXII, Fujitsu, SEKOIA, and Trend Micro.
URIs
The OASIS Standards and all related files are available here:
* STIX Version 2.1
Editable source (Authoritative):Â